hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: SSL socket timeouts with SolrJ usage of HttpClient
Date Thu, 09 Apr 2015 19:03:03 GMT
On Thu, 2015-04-09 at 10:41 -0400, Karl Wright wrote:
> Hi Oleg,
> 
> I've been looking at the tickets for potential issues with SSL socket
> timeout values not being honored in some versions of HttpClient, and I must
> say I'm not clear where things stand.
> 
> I have a ManifoldCF user who is seeing socket read timeouts when using
> SSL.  The stack in that case involves the Solr client library (SolrJ).  I
> am passing in an HttpClient instance that's already built:
> 
> >>>>>>
>     RequestConfig.Builder requestBuilder = RequestConfig.custom()
>       .setCircularRedirectsAllowed(true)
>       .setSocketTimeout(socketTimeout)
>       .setStaleConnectionCheckEnabled(true)
>       .setExpectContinueEnabled(true)
>       .setConnectTimeout(connectionTimeout)
>       .setConnectionRequestTimeout(socketTimeout);
> 
>       HttpClientBuilder clientBuilder = HttpClients.custom()
>         .setConnectionManager(connectionManager)

Karl,
If one explicitly assigns an already initialized connection manager
instance basically all connection manager parameters have no effect.
Please try setting default SocketConfig on connection manager directly.

Oleg 


>         .setMaxConnTotal(1)
>         .disableAutomaticRetries()
>         .setDefaultRequestConfig(requestBuilder.build())
>         .setRedirectStrategy(new DefaultRedirectStrategy())
>         .setSSLSocketFactory(myFactory)
>         .setRequestExecutor(new HttpRequestExecutor(socketTimeout))
>         .setDefaultSocketConfig(SocketConfig.custom()
>           .setTcpNoDelay(true)
>           .setSoTimeout(socketTimeout)
>           .build()
>         );
> 
> 
>     if (userID != null && userID.length() > 0 && password != null)
>     {
>       CredentialsProvider credentialsProvider = new
> BasicCredentialsProvider();
>       Credentials credentials = new UsernamePasswordCredentials(userID,
> password);
>       if (realm != null)
>         credentialsProvider.setCredentials(new
> AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, realm), credentials);
>       else
>         credentialsProvider.setCredentials(AuthScope.ANY, credentials);
> 
>       clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
>     }
> 
>     HttpClient localClient = clientBuilder.build();
> <<<<<<
> 
> It is remotely possible that SolrJ is modifying a parameter in the client,
> which I am aware would invalidate the builder-based configuration.  So my
> question is simple: IF the HttpClient instance is *not* being configured in
> SolrJ, would you expect the socket timeout to be honored for SSL requests,
> on the current codebase?  

yes.

> Was there ever a time when that was not true?  If

No.

> there's a buried default SSL socket timeout value that would be used if
> configuration was overridden by setting a parameter, what is that value?
> 

SSL handshake as well as CONNECT message exchange use socket timeout set
by the connection manager. Request level settings apply only once a
connection has been fully established and routed.

Hope this helps.

Oleg 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message