commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Myrvold <christian.myrv...@mitec.no>
Subject [httpClient] Performance and reverse DNS lookup
Date Thu, 04 Mar 2004 09:35:53 GMT
Greetings,

I does not seem like my first mail went through so I am gonna try again. 
In short I have a performance problem with the HttpClient when using 
https agains private networks over dialup/PPP connections. DNS records 
are not available for the webservers I am connecting to. When I go 
connect through my application (which is a sort of a httpsproxy), 
performance is significally slower then when i connect directly to the 
webserver. Allthough when I add correct DNS records (both forward and 
reverse) to my DNS-server, I get a good performance gain. So, I am 
asuming it is the reverse lookup of the DNS that is consuming time. 
Actually I can se from debugging that it is the part where a new 
socket/connection is beeing created that is timeconsuming. So I am 
wondering if there is a way to turn off the reverse lookup in the 
HttpClient or SSL library? I am using the SSLSocketFactory I found on 
these mailinglist. Please see below.

As additional information I can add that I use the whole URL to connect. 
When I create a method i use for an example an URL like this in the 
constructor: https://192.168.20.3. Is this ok? Or should I use another 
way to add the IP-address to avoid reverse lookup?

Also I would like to know if there is any good tips or hints for 
performance in general for the HttpClient?

Help is greatly appreciated!

Best Regards,
Christian Myrvold

************
/*
 * ProxySSLSocketFactory.java
 *
 * Created on 3. mars 2004, 14:36
 */

package no.mitec.sacs.application.proxy;

/**
 *
 * @author  cm
 */
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;

public class ProxySSLSocketFactory implements SecureProtocolSocketFactory
{
     private static class TM implements X509TrustManager
     {
         public X509Certificate[] getAcceptedIssuers()
         {
             return new X509Certificate[0];
         }

         public void checkClientTrusted(X509Certificate[] arg0, String 
arg1) throws CertificateException
         {
         }

         public void checkServerTrusted(X509Certificate[] arg0, String 
arg1) throws CertificateException
         {
         }
     }

     private static SSLSocketFactory getSocketFactory()
     {
         try
         {
             SSLContext context = SSLContext.getInstance("SSL");
             context.init(null, new TrustManager[] {new TM()}, null);
             return context.getSocketFactory();
         }
         catch (Exception e)
         {
             throw new RuntimeException(e);
         }
     }

     public Socket createSocket(String host, int port, InetAddress 
clientHost,
         int clientPort) throws IOException, UnknownHostException
     {
         return getSocketFactory().createSocket(host, port, clientHost, 
clientPort);
     }

     public Socket createSocket(String host, int port)
         throws IOException, UnknownHostException
     {
         return getSocketFactory().createSocket(host, port);
     }

     public Socket createSocket(Socket socket, String host, int port,
         boolean autoClose) throws IOException, UnknownHostException
     {
         return getSocketFactory().createSocket(socket, host, port, 
autoClose);
     }
}
************


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-user-help@jakarta.apache.org


Mime
View raw message