Return-Path: <dev-return-17707-archive-asf-public=cust-asf.ponee.io@cxf.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 1E5B4200CC6
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Tue, 18 Jul 2017 17:58:24 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 1CD7E1670DC; Tue, 18 Jul 2017 15:58:24 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 3CD7B1670C2
	for <archive-asf-public@cust-asf.ponee.io>; Tue, 18 Jul 2017 17:58:23 +0200 (CEST)
Received: (qmail 22265 invoked by uid 500); 18 Jul 2017 15:58:22 -0000
Mailing-List: contact dev-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@cxf.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@cxf.apache.org>
List-Post: <mailto:dev@cxf.apache.org>
List-Id: <dev.cxf.apache.org>
Reply-To: dev@cxf.apache.org
Delivered-To: mailing list dev@cxf.apache.org
Received: (qmail 22253 invoked by uid 99); 18 Jul 2017 15:58:22 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 18 Jul 2017 15:58:22 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 99CC1180157
	for <dev@cxf.apache.org>; Tue, 18 Jul 2017 15:58:21 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 0.379
X-Spam-Level: 
X-Spam-Status: No, score=0.379 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01,
	RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001]
	autolearn=disabled
Authentication-Results: spamd3-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=gmail.com
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024)
	with ESMTP id M6-bGmv7ViNl for <dev@cxf.apache.org>;
	Tue, 18 Jul 2017 15:58:20 +0000 (UTC)
Received: from mail-lf0-f49.google.com (mail-lf0-f49.google.com [209.85.215.49])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id 033C25F477
	for <dev@cxf.apache.org>; Tue, 18 Jul 2017 15:58:20 +0000 (UTC)
Received: by mail-lf0-f49.google.com with SMTP id w198so17798846lff.2
        for <dev@cxf.apache.org>; Tue, 18 Jul 2017 08:58:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=subject:to:references:from:message-id:date:user-agent:mime-version
         :in-reply-to:content-language:content-transfer-encoding;
        bh=68IU+DcoU4HDLQNNeD5GufTzSkDR/Zdu+9pufVCBpVI=;
        b=fvi6xh8gDGBWYZ8vSeWYmbV7+3yCcH3q2CiOTr1sBNveiNN4M9Xtw7y/oUr+6MzVoR
         wfWpWpJqJrch35CoHUzPLgLuci0KHkhJQjMFTsiv3RGeUsgtvALhIJwzPuxObT37NHIK
         UajtVDZcynxG7EnfjjsGxTTrNMvNZRs0xC90e+NURTQYLNK7Fnxbtwld8bQOfqQhwU3b
         zOWOz8mIXGc3PZhLiEJ3hQuKYu7E6iuFsERC5kr0TGw1EmoOAqbfYujRop/8kurYmdaY
         EMVA5jk0BWjFVpB9atYhQGdULtgUMttk5oTMvmxVR8MCt7ADQystCEQs1RCx6SGszugF
         hNAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=68IU+DcoU4HDLQNNeD5GufTzSkDR/Zdu+9pufVCBpVI=;
        b=CVIT0hut6SQcjjnXUJO3ID2hpIpEpMXMWMJ8nd5qt/yvA2o0D90cJ5VTMVP4naYn1r
         eayoNV1fv0bR1Om1f2g6wHiNXrw+RJKN7jRDbEMkfxT/KmOBv9Cw0bImoBeLITz/h/KJ
         S2NlK7UHjJ0PmbFjxJ+GpwNsZ/R15guwUyVawd6WX/mmTtPxYFUbycpscd/Wh3IWbeVt
         88Oc3C0KsNRGaDFQUXIp+kDDi36cc+Zme3Cxb4t5VpNOjtizcdm6q6jrDUe9qaOh3Kb2
         N6XWd06O8xWBRJsmbq46IONDg6wCi8hSUvsxf3GL3pqFmGdgsZrSEhDTjln372fW35vC
         KO2A==
X-Gm-Message-State: AIVw111M3NCRP/aNQZmO14ybjMPMel0FNRHp7tAnC7Gik2vgsVne14Zb
	5Aw/BZH65FEKF5nzvEU=
X-Received: by 10.25.40.70 with SMTP id o67mr999674lfo.124.1500393493336;
        Tue, 18 Jul 2017 08:58:13 -0700 (PDT)
Received: from [10.39.0.31] (nat-141-pool-1-ip-6.cosmostv.by. [87.252.225.96])
        by smtp.googlemail.com with ESMTPSA id f18sm653347lff.63.2017.07.18.08.58.06
        for <dev@cxf.apache.org>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 18 Jul 2017 08:58:07 -0700 (PDT)
Subject: Re: Enable reflective use of HttpURLConnection by default?
To: dev@cxf.apache.org
References: <CAB=WQ1GVaC_Fj1H8HXjVi_DR6fwDZJoia91bb38xtF94KzTa7Q@mail.gmail.com>
 <16762d6d-d8b5-409a-3736-947c1d8da26a@gmail.com>
 <CAB=WQ1EWKJwAMOLCPYSm-WEHmBHO6NRvo70iC3sW0NiNiKoWeA@mail.gmail.com>
From: Sergey Beryozkin <sberyozkin@gmail.com>
Message-ID: <57206d33-2065-6e40-dde8-366530b39ede@gmail.com>
Date: Tue, 18 Jul 2017 18:58:06 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <CAB=WQ1EWKJwAMOLCPYSm-WEHmBHO6NRvo70iC3sW0NiNiKoWeA@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
archived-at: Tue, 18 Jul 2017 15:58:24 -0000

Hi Andy

Thanks for the explanation too.
I've no objections to enabling this property by default. I guess it can 
be reviewed again later on if Java 9 (and JPMS) are used.
May be lets wait for a couple of days for Dan, Alessio others to respond,

I agree it is very reasonable to expect that various HTTP verbs just 
work with CXF clients...

Sergey

On 17/07/17 23:28, Andy McCright wrote:
> Hi Sergey,
> 
> Thanks for the suggestion.  I'll definitely give cxf-rt-transports-http-hc
> a try.
> 
> As for what will happen in Java 9 with using reflection, it will work by
> default now that Oracle has decided to ship with the "kill-switch" enabled
> (i.e. the JPMS module system will be disabled by default).  However, if a
> user were to enable JPMS, then this reflection approach would also fail.
> So wrt to this transport, PATCH and other "non-standard" HTTP methods will
> not work with JPMS enabled.  Given that, your suggestion to use Apache HTTP
> Client makes more sense.  Still, I'll plan to change the default for 3.2 to
> use reflection unless anybody objects.
> 
> Thanks again,
> 
> Andy
> 
> On Sat, Jul 15, 2017 at 11:38 AM, Sergey Beryozkin <sberyozkin@gmail.com>
> wrote:
> 
>> Hi Andy
>>
>> Note that the other alternative is to use CXF Apache HTTP Client based
>> conduit, cxf-rt-transports-http-hc, if it is on the classpath then CXF
>> (Dan did it) will use HttpClient by default, and as far as I recall (I've
>> no editor opened right now) CXF RS Client (in AbstractClient code)
>> will instruct whatever HTTP conduit is loaded to run a non-async request
>> synchronously.
>>
>> Have you tried cxf-rt-transports-http-hc ? My understanding CXF RS async
>> requests (those part of 2.0 API for ex) can only be truly async when this
>> conduit is loaded.
>>
>> Dan can provide more info but I believe when the async requests run over
>> the HttpUrlConnection CXF may be blocking the thread (at the sync HTTP
>> Conduit level) and using the internal pool, something like that...
>>
>> As far as enabling the reflective use of HttpUrlConnection by default: it
>> is probably a good idea indeed.
>> What will happen when CXF is run in a Java 9 VM though ?
>>
>>
>> Thanks, Sergey
>>
>>
>> On 14/07/17 18:36, Andy McCright wrote:
>>
>>> Hi All,
>>>
>>> With more and more people using different HTTP methods (verbs) with the
>>> JAX-RS client - particularly PATCH, but really any method they want - is
>>> there any objection to making the "use.httpurlconnection.method.
>>> reflection"
>>> true by default in CXF 3.2.X?
>>>
>>> Here is some background:
>>> Java SE's HttpUrlConnection's setRequestMethod() implementation restricts
>>> callers to the following HTTP methods: GET POST HEAD OPTIONS PUT DELETE
>>> TRACE - if any other HTTP method is passed in, then the caller will get a
>>> ProtocolException.
>>>
>>> This is very limiting and prevents users for invoking increasingly common
>>> HTTP methods like PATCH, some of the WebDAV methods, etc. Ideally, the JDK
>>> would alter the list of allows HTTP methods (or provide a mechanism for
>>> users to specify a whitelist of allowed methods), but at best that won't
>>> occur until Java 9.
>>>
>>> CXF worked around this problem by adding the
>>> "use.httpurlconnection.method.reflection" property - this can be set as a
>>> system property or as a property on the Message object.  When true, CXF
>>> will reflectively modify the state of the HttpURLConnection object
>>> (bypassing the setRequestMethod's parameter check) and set the user's
>>> specified HTTP method.
>>>
>>> With JAX-RS 2.1 adding out-of-the-box @PATCH support, I suspect more and
>>> more users will want to use HTTP methods not in the JDK's current
>>> whitelist.  Rather than asking them to set this property, I think it might
>>> make more sense to enable the property by default (they could always
>>> disable if they feel it is a risk).
>>>
>>> Any thoughts?  If there are no objections, I can make the change.
>>>
>>> Thanks,
>>> Andy
>>>
>>>
> 


-- 
Sergey Beryozkin

Talend Community Coders
http://coders.talend.com/