hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kalnichevski, Oleg" <oleg.kalnichev...@bearingpoint.com>
Subject RE: keep-alive with HTTPS
Date Mon, 10 May 2004 10:02:02 GMT

Hi John,

The problem is caused by a bug in older Sun's JSSE implementations. Indeed, it has nothing
to do with HttpURLConnection.

The problem is actually an interplay of several factors

(1) Persistent connections.

HttpClient attempts to reuse HTTP connections whenever possible.

(2) 'Stale' connections check

According to the HTTP spec HTTP connection can be dropped either by the server or by the client
at any time without giving any notice. So, at any point in time persistent HTTP connection
may become unusable (or stale). The only reliable way to tell if the connection is still open
on both ends (we know of) is to perform an I/O operation on the socket. Prior to executing
a method HttpClient attempts to do a short (one millisecond) read on the underlying socket
in order to ensure that the connection is still good. This is what we call a stale connection

(3) JSSE bug

Older versions of Sun JSSE do not handle timeouts correctly. A one millisecond read operation
on a perfectly useable SSL socket results in 'end of stream' condition (socket closed) instead
of a timeout exception as expected. This bug causes the stale connection check to produce
erroneous result, which in its turn causes HttpClient to drop the connection.

There are two possibilities to work the problem around

* upgrade to JDK 1.4 or newer that does not exhibit the problem
* disable the stale connection check

I hope this makes the situation somewhat clearer for you


-----Original Message-----
From: Jesus M. Salvo Jr. [mailto:jesus.salvo@migasia.com]
Sent: Monday, May 10, 2004 8:41
To: commons-httpclient-dev@jakarta.apache.org
Subject: keep-alive with HTTPS

I was re-reading the SSL guide today and it mentions about "*Persistent
SSL connections do not work on Sun's JVMs below 1.4".*
However, the details for that section is actually talking about HTTP
keep-alive ( and then talks about stale SSL connections ).

So I am a bit confused now. Is / Was the problem with the JVM itself (
that is, with HttpURLConnection ), or was it with JSSE ?
Since HttpClient is creating its own socket ( and does not use Java's
URLConnection ), then the problem with HTTP keep-alive should not
affected HttpClient
( assuming it was a problem with HttpURLConnection ).

Reason I ask is that we are still running JDK 1.3.1_08 on Solaris SPARC.

Anyway, I'm still confused.
Anyone care to enlighten me ?



To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org

The information in this email is confidential and may be legally privileged.  Access to this
email by anyone other than the intended addressee is unauthorized.  If you are not the intended
recipient of this message, any review, disclosure, copying, distribution, retention, or any
action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. 
If you are not the intended recipient, please reply to or forward a copy of this message to
the sender and delete the message, any attachments, and any copies thereof from your system.

To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org

View raw message