SSL socket timeouts with SolrJ usage of HttpClient

Thu, 09 Apr 2015 07:48:51 -0700 

Hi Oleg,

I've been looking at the tickets for potential issues with SSL socket
timeout values not being honored in some versions of HttpClient, and I must
say I'm not clear where things stand.

I have a ManifoldCF user who is seeing socket read timeouts when using
SSL.  The stack in that case involves the Solr client library (SolrJ).  I
am passing in an HttpClient instance that's already built:

>>>>>>
    RequestConfig.Builder requestBuilder = RequestConfig.custom()
      .setCircularRedirectsAllowed(true)
      .setSocketTimeout(socketTimeout)
      .setStaleConnectionCheckEnabled(true)
      .setExpectContinueEnabled(true)
      .setConnectTimeout(connectionTimeout)
      .setConnectionRequestTimeout(socketTimeout);

      HttpClientBuilder clientBuilder = HttpClients.custom()
        .setConnectionManager(connectionManager)
        .setMaxConnTotal(1)
        .disableAutomaticRetries()
        .setDefaultRequestConfig(requestBuilder.build())
        .setRedirectStrategy(new DefaultRedirectStrategy())
        .setSSLSocketFactory(myFactory)
        .setRequestExecutor(new HttpRequestExecutor(socketTimeout))
        .setDefaultSocketConfig(SocketConfig.custom()
          .setTcpNoDelay(true)
          .setSoTimeout(socketTimeout)
          .build()
        );


    if (userID != null && userID.length() > 0 && password != null)
    {
      CredentialsProvider credentialsProvider = new
BasicCredentialsProvider();
      Credentials credentials = new UsernamePasswordCredentials(userID,
password);
      if (realm != null)
        credentialsProvider.setCredentials(new
AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, realm), credentials);
      else
        credentialsProvider.setCredentials(AuthScope.ANY, credentials);

      clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
    }

    HttpClient localClient = clientBuilder.build();
<<<<<<

It is remotely possible that SolrJ is modifying a parameter in the client,
which I am aware would invalidate the builder-based configuration.  So my
question is simple: IF the HttpClient instance is *not* being configured in
SolrJ, would you expect the socket timeout to be honored for SSL requests,
on the current codebase?  Was there ever a time when that was not true?  If
there's a buried default SSL socket timeout value that would be used if
configuration was overridden by setting a parameter, what is that value?

Thanks again for your help.

Karl

Reply via email to