hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: SSL socket timeouts with SolrJ usage of HttpClient
Date Fri, 10 Apr 2015 13:35:24 GMT
On Thu, 2015-04-09 at 16:15 -0400, Karl Wright wrote:
> Hi Oleg,
> 
> Can you verify that the following code is not setting any parameter that
> will have no effect because of the context in which I'm setting it?  It's
> not easy to determine this without looking through much code.
> 
> >>>>>>
>     // Initialize standard solr-j.
>     // First, we need an HttpClient where basic auth is properly set up.
>     connectionManager = new PoolingHttpClientConnectionManager();
>     connectionManager.setMaxTotal(1);
>     connectionManager.setDefaultSocketConfig(SocketConfig.custom()
>       .setTcpNoDelay(true)
>       .setSoTimeout(socketTimeout)
>       .build());
> 
>     SSLConnectionSocketFactory myFactory;
>     if (keystoreManager != null)
>     {
>       myFactory = new
> SSLConnectionSocketFactory(keystoreManager.getSecureSocketFactory(),
> SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
>     }
>     else
>     {
>       // Use the "trust everything" one
>       myFactory = new
> SSLConnectionSocketFactory(KeystoreManagerFactory.getTrustingSecureSocketFactory(),SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
>     }
> 
>
>     RequestConfig.Builder requestBuilder = RequestConfig.custom()
>       .setCircularRedirectsAllowed(true)
>       .setSocketTimeout(socketTimeout)
>       .setStaleConnectionCheckEnabled(true)
>       .setExpectContinueEnabled(true)
>       .setConnectTimeout(connectionTimeout)
>       .setConnectionRequestTimeout(socketTimeout);
> 
>     HttpClientBuilder clientBuilder = HttpClients.custom()
>       .setConnectionManager(connectionManager)
>       .setMaxConnTotal(1)
>       .disableAutomaticRetries()
>       .setDefaultRequestConfig(requestBuilder.build())
>       .setRedirectStrategy(new DefaultRedirectStrategy())
>       .setSSLSocketFactory(myFactory)

Connection socket factory should also be configured on connection
manager directly. Otherwise it will have no effect.

Here's the relevant bit in the HttpClientBuilder
http://hc.apache.org/httpcomponents-client-4.4.x/httpclient/xref/org/apache/http/impl/client/HttpClientBuilder.html#891


>       .setRequestExecutor(new HttpRequestExecutor(socketTimeout));
> 
> 
>     if (userID != null && userID.length() > 0 && password != null)
>     {
>       CredentialsProvider credentialsProvider = new
> BasicCredentialsProvider();
>       Credentials credentials = new UsernamePasswordCredentials(userID,
> password);
>       if (realm != null)
>         credentialsProvider.setCredentials(new
> AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, realm), credentials);
>       else
>         credentialsProvider.setCredentials(AuthScope.ANY, credentials);
> 
>       clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
>     }
> 
>     HttpClient localClient = clientBuilder.build();
> <<<<<<
> 
> I'm also getting warnings now for setStaleConnectionCheckEnabled(true).  It
> looks like this is now a connection parameter too?  Will all of my
> setStaleConnectionCheckEnabled(true) calls now be invalid?
> 

No, they will not. However, indiscriminate stale checks tend to be very
expensive. You should let the connection manager validate connections
upon their lease after a certain period of inactivity using 4.4 APIs.

Hope this helps

Oleg



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message