cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aymeric Levaux (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CXF-5063) When using AsyncHttpConduit with a certificate alias CXF hangs after a bunch of requests
Date Thu, 06 Jun 2013 17:41:19 GMT

     [ https://issues.apache.org/jira/browse/CXF-5063?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Aymeric Levaux updated CXF-5063:
--------------------------------

    Description: 
When using AsyncHttpConduit with a certificate alias CXF hangs after a bunch of requests.


*Root cause:*
For each request, when AsyncHTTPConduit.getSSLContext() is called,  the KeyManagers are wrapped
by an AliasedX509ExtendedKeyManager. After some time, the KeyManagers are wrapped thousands
of times. Then, at the moment a new connection needs to be established, a StackOverflowError
is thrown when AliasedX509ExtendedKeyManager.getPrivateKey() is called. This causes the I/O
dispatchers of the HttpAsynClient to go down one after the other. When all the I/O dispatchers
are down all requests done by CXF end up in timeout.

In AsyncHTTPConduit.getSSLContext() the hash code of the tlsClientParameters is checked to
decide whether or not a new SSLContext should be created. This is not working in this context
as the wrapping of the KeyManagers has an influence of the tlsClientParameters hash code.

*Other points:*
* The AsyncHTTPConduit is containing a few auto generated catch blocks (with e.printStackTrace();
).
* When the I/O dispatchers are going down (quite an important issue), the error is logged
on the System.err and nothing is logged on the Logger.
* In the CXF documentation nothing is mentioned on the fact the HttpAsyncClient is still in
beta.

    
> When using AsyncHttpConduit with a certificate alias CXF hangs after a bunch of requests
> ----------------------------------------------------------------------------------------
>
>                 Key: CXF-5063
>                 URL: https://issues.apache.org/jira/browse/CXF-5063
>             Project: CXF
>          Issue Type: Bug
>          Components: Transports
>    Affects Versions: 2.7.5
>            Reporter: Aymeric Levaux
>            Priority: Critical
>
> When using AsyncHttpConduit with a certificate alias CXF hangs after a bunch of requests.

> *Root cause:*
> For each request, when AsyncHTTPConduit.getSSLContext() is called,  the KeyManagers are
wrapped by an AliasedX509ExtendedKeyManager. After some time, the KeyManagers are wrapped
thousands of times. Then, at the moment a new connection needs to be established, a StackOverflowError
is thrown when AliasedX509ExtendedKeyManager.getPrivateKey() is called. This causes the I/O
dispatchers of the HttpAsynClient to go down one after the other. When all the I/O dispatchers
are down all requests done by CXF end up in timeout.
> In AsyncHTTPConduit.getSSLContext() the hash code of the tlsClientParameters is checked
to decide whether or not a new SSLContext should be created. This is not working in this context
as the wrapping of the KeyManagers has an influence of the tlsClientParameters hash code.
> *Other points:*
> * The AsyncHTTPConduit is containing a few auto generated catch blocks (with e.printStackTrace();
).
> * When the I/O dispatchers are going down (quite an important issue), the error is logged
on the System.err and nothing is logged on the Logger.
> * In the CXF documentation nothing is mentioned on the fact the HttpAsyncClient is still
in beta.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message