tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: .net web service client calling Tomcat 7
Date Wed, 05 Jun 2013 07:50:25 GMT
Bean William R wrote:
>> Is there a RFC that describes best behaviour of server and client in this situation?
> 
> My guess is that the disagreement comes somewhere in RFC 2616 section 8.2.3 - Use of
the 100 (Continue) Status.  http://www.w3.org/Protocols/rfc2616/rfc2616-sec8.html
> 
>> On my opinion Tomcat behaves correctly. If client doesn't send proper credentials
it is dangerous and useless to read all input data.
> 
> That was our opinion for httpd as well.
> 
>> I've switched off the connection keep alive at Connector config. And now client doesn't
suffer by closing a socket. So this is a solution for "bad" .net client.
>> Jan.
> 
> Glad to hear!
> 

If there is any Windows-like authentication involved, it may affect the viability or at 
least the scalability of this solution.  Windows authentication is relatively 
resource-intensive, and requires the exchange of several messages on the same connection.

That is why it normally requires connection persistence (keepalive).
Disabling keepalive altogether may prevent Windows authentication from working at all, or

at last force multiple additional re-authentications for the same client.
That may not be important for you here, but it may come back to haunt you if you ever port

this application to a Windows-authenticated context.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message