[jira] [Commented] (CALCITE-2503) AvaticaCommonsHttpClientImpl client needs to set user-token on HttpClientContext before sending the request

Wed, 29 Aug 2018 13:01:25 -0700 


    [ 
https://issues.apache.org/jira/browse/CALCITE-2503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16596790#comment-16596790
 ] 

ASF GitHub Bot commented on CALCITE-2503:
-----------------------------------------

Github user karanmehta93 commented on the issue:

    https://github.com/apache/calcite-avatica/pull/67
  
    >  I don't think I did any perf testing when I was wiring up the SPNEGO 
authn, so that would explain how this slipped by.
    
    If you were using TLS and not MTLS, you would not still find the issue. 
This is a really corner case and very hard to get into unless we have a 
specific use case :)
    
    > Yeah, I don't have any good suggestions either. If tests are passing, 
that's good enough for me this time
    
    Cool. Thanks for the review! Updated the PR as well
    
    > That could be expanded to also include some perf testing (coarse results, 
of course). Something to keep in the back of our minds, I think.
    
    Sure. Will do. Will be good if you can point me to that.


> AvaticaCommonsHttpClientImpl client needs to set user-token on 
> HttpClientContext before sending the request
> -----------------------------------------------------------------------------------------------------------
>
>                 Key: CALCITE-2503
>                 URL: https://issues.apache.org/jira/browse/CALCITE-2503
>             Project: Calcite
>          Issue Type: Improvement
>            Reporter: Karan Mehta
>            Assignee: Karan Mehta
>            Priority: Major
>         Attachments: CALCITE-2503.001.patch
>
>
> One of the Avatica client implementations, AvaticaCommonsHttpClientImpl, uses 
> a PoolingHttpClientConnectionManager. When using mutual authentication on the 
> client pool, we need to ensure that we are setting a user-token on the 
> HttpClientContext, otherwise it ends up creating a new connection everytime 
> and not reusing it. See:  
> [https://hc.apache.org/httpcomponents-client-ga/tutorial/html/advanced.html] 
> for more details
> This results in significant perf degradation since every new connection tries 
> to complete a SSL handshake (which is expensive)
> See: 
> https://stackoverflow.com/questions/548029/how-much-overhead-does-ssl-impose



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to