tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 44285] New: - ssl.SessionId Cache Control
Date Wed, 23 Jan 2008 13:29:19 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=44285>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=44285

           Summary: ssl.SessionId Cache Control
           Product: Tomcat 6
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: major
          Priority: P2
         Component: Connectors
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: yuvalperlov@gmail.com


There is no way to control the ssl.SessionId cache size.
The default Sun JVM behavior is too keep a SoftReference cache that grows as much as it can.
This has 
a performance impact since the GC works harder because of the heap size.

The result is that with a system that has a lot of https clients, the memory grows to a very
large size:
We have 700K of SessionIds in memory consuming a little over 800MB !!!

I think the connector should have attributes that let me control the max time and size ssl.sessionid
are 
kept (for reference, websphere let's you do that).

Another useful feature would be to let me explicitly invalidate a ssl.sessionid (during the
request life 
cycle).

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message