Repository: tomee Updated Branches: refs/heads/tomee-1.7.x 1a633869b -> 41d223eff
TOMEE-1623 ensuring to reuse the same ssl socket factory accross connection to be aligned on JVM caching key for keep alive - this map is quite static which is not that good for server usage but all client is done this way, we should add classloader as key somewhere Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/6f4a535f Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/6f4a535f Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/6f4a535f Branch: refs/heads/tomee-1.7.x Commit: 6f4a535fac33f67012a130feac869f64d67d0c50 Parents: 1a63386 Author: Romain Manni-Bucau <rmann...@starbucks.com> Authored: Thu Aug 6 03:09:47 2015 -0700 Committer: Jonathan Gallimore <j...@jrg.me.uk> Committed: Sat Aug 27 22:46:48 2016 +0100 ---------------------------------------------------------------------- .../openejb/client/HttpConnectionFactory.java | 21 +++++++++++++++++--- .../openejb/client/HttpsConnectionTest.java | 4 +++- 2 files changed, 21 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/tomee/blob/6f4a535f/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java ---------------------------------------------------------------------- diff --git a/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java b/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java index 7eee7dd..a576f13 100644 --- a/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java +++ b/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java @@ -28,26 +28,32 @@ import java.net.URL; import java.security.KeyManagementException; import java.security.NoSuchAlgorithmException; import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; +import java.util.concurrent.ConcurrentMap; /** * @version $Revision$ $Date$ */ public class HttpConnectionFactory implements ConnectionFactory { + // this map only ensures JVM keep alive socket caching works properly + private final ConcurrentMap<URI, SSLSocketFactory> socketFactoryMap = new ConcurrentHashMap<>(); @Override public Connection getConnection(final URI uri) throws IOException { - return new HttpConnection(uri); + return new HttpConnection(uri, socketFactoryMap); } public static class HttpConnection implements Connection { + private final ConcurrentMap<URI, SSLSocketFactory> socketFactoryMap; private HttpURLConnection httpURLConnection; private InputStream inputStream; private OutputStream outputStream; private final URI uri; - public HttpConnection(final URI uri) throws IOException { + public HttpConnection(final URI uri, final ConcurrentMap<URI, SSLSocketFactory> socketFactoryMap) throws IOException { this.uri = uri; + this.socketFactoryMap = socketFactoryMap; final URL url = uri.toURL(); final Map<String, String> params; @@ -75,7 +81,16 @@ public class HttpConnectionFactory implements ConnectionFactory { if (params.containsKey("sslKeyStore") || params.containsKey("sslTrustStore")) { try { - ((HttpsURLConnection) httpURLConnection).setSSLSocketFactory(new SSLContextBuilder(params).build().getSocketFactory()); + SSLSocketFactory sslSocketFactory = socketFactoryMap.get(uri); + if (sslSocketFactory == null) { + sslSocketFactory = new SSLContextBuilder(params).build().getSocketFactory(); + final SSLSocketFactory existing = socketFactoryMap.putIfAbsent(uri, sslSocketFactory); + if (existing != null) { + sslSocketFactory = existing; + } + } + + ((HttpsURLConnection) httpURLConnection).setSSLSocketFactory(sslSocketFactory); } catch (final NoSuchAlgorithmException e) { throw new ClientRuntimeException(e.getMessage(), e); } catch (final KeyManagementException e) { http://git-wip-us.apache.org/repos/asf/tomee/blob/6f4a535f/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java ---------------------------------------------------------------------- diff --git a/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java b/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java index 1ef609c..311ae3a 100644 --- a/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java +++ b/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java @@ -57,10 +57,11 @@ public class HttpsConnectionTest { @Test public void testHttps() throws URISyntaxException, IOException { + final HttpConnectionFactory factory = new HttpConnectionFactory(); final String url = "https://"; + SERVER + ":" + SERVER_PORT + "/secure" + "?sslKeyStore=" + STORE_PATH + "&sslKeyStorePassword=" + STORE_PWD + "&sslKeyStoreProvider=SunX509&sslKeyStoreType=jks" + "&sslTrustStore=" + STORE_PATH + "&sslTrustStorePassword=" + STORE_PWD + "&readTimeout=500"; - final Connection connection = new HttpConnectionFactory().getConnection(new URI(url)); + Connection connection = new HttpConnectionFactory().getConnection(new URI(url)); BufferedReader br = null; final StringBuilder sb = new StringBuilder(); @@ -80,6 +81,7 @@ public class HttpsConnectionTest { e.printStackTrace(); } } + connection.close(); } Assert.assertTrue("should contain", sb.toString().contains("secure"));
