[jira] [Updated] (JENA-218) Fuseki should allow timeouts to be specified on a per-request basis

Thu, 18 Jul 2013 06:21:55 -0700 

     [ 
https://issues.apache.org/jira/browse/JENA-218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Alexander Dutton updated JENA-218:
----------------------------------

    Attachment: jena-218-default-timeout.diff

This patch changes a few things with respect to how Fuseki handles timeouts, 
and configuring them:

* an invalid Timeout header or parameter now results in a 400 (Bad Request), 
not a 500.
* an empty timeout parameter is ignored (so HTML forms can include an empty 
timeout field)
* sparql.{html,tpl} now include a timeout field
* better logging (shows how each service is configured, and request logs say 
when a timeout has been applied)
* (another) way to set a default timeout (using fu:defaultTimeout)
* HttpAction now has a timeout property, set by setAnyTimeouts, and used to 
construct log messages and HTTP error responses.

Documentation to follow…
                
> Fuseki should allow timeouts to be specified on a per-request basis
> -------------------------------------------------------------------
>
>                 Key: JENA-218
>                 URL: https://issues.apache.org/jira/browse/JENA-218
>             Project: Apache Jena
>          Issue Type: Improvement
>          Components: Fuseki
>    Affects Versions: Fuseki 0.2.1
>            Reporter: Alexander Dutton
>              Labels: needsdocumentation, timeout
>         Attachments: config-tdb.ttl, jena-218-1.diff, 
> jena-218-default-timeout.diff
>
>
> A query endpoint might want to have different timeouts depending on whether 
> queries are from untrusted or trusted users, or maintenance processes. The 
> timeout could be passed with an X- header, a Timeout header as per 
> http://tools.ietf.org/html/draft-loreto-http-timeout-00, or a query 
> parameter, respecting the system default if none is provided. The query 
> parameter might be less favourable as it'd be harder to filter out for Fuseki 
> instances behind Apache.
> There is a risk that changing the behaviour to allow timeouts to be 
> overridden will lead to DoSs of query endpoints open to the world to some 
> extent. This can be mitigated by defaulting to disallowing timeout overrides.
> I'm happy to put a patch together and document it at 
> http://incubator.apache.org/jena/documentation/serving_data/.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to