tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: HTTP connection timout
Date Fri, 12 Jul 2013 08:16:10 GMT
Harsimranjit singh Kler wrote:
> Using tomcat 6.I Always confused with
> 
> connectionTimeout
> 
> The number of milliseconds this *Connector* will wait, after accepting a
> connection, for the request URI line to be presented. The default value is
> 60000 (i.e. 60 seconds).
> 
> Helpful if anyone can explain.?
> 
> Is there any connector parameter where i can set request timeout.?Rather
> than at application level timeout i want tomcat to timeout after certain
> period if request taking long time..
> 

The Connector's are "shared" by all Hosts and all applications.
So the connectionTimeout is already global for all requests that come in on the 
corresponding Connector port.

This parameter is there specifically to fight one type of Denial-Of-Service attack, 
whereby some malicious client(s) create a TCP connection to the server (which has the 
effect of reserving some resources on the server for handling this connection), and then 
just sit there without sending any HTTP request on that connection.
By making this delay shorter, you shorten the time during which the server resources are 
allocated, to serve a request that will never come.
This has to be balanced against legitimate clients which may be slow in sending the 
request line.  But 60 seconds is a really long time to wait for such legitimate client 
requests nowadays. You can probably lower that to 5000 (= 5 s.) without any ill effect on

the legitimate clients.

Note that as soon as the HTTP request line has been received, this timeout plays no role 
anymore. So it is not usable to limit the time that an application requires to process and

respond to the request.  As far as I know, there is no standard parameter available in 
Tomcat to do that.  Which is also rather understandable, because Tomcat has no idea what 
kind of delay makes sense for any particular application with any particular request 
parameters.  Only you would know that, on a call-by-call base.

Final note : if a browser makes a request to a HTTP server, and does not get any response

for about 5 minutes, the browser will time out and show an error message like "the server

is not responding" etc..




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message