Hi Oleg,
Can you verify that the following code is not setting any parameter that
will have no effect because of the context in which I'm setting it? It's
not easy to determine this without looking through much code.
// Initialize standard solr-j.
// First, we need an HttpClient where basic auth is properly set up.
connectionManager = new PoolingHttpClientConnectionManager();
connectionManager.setMaxTotal(1);
connectionManager.setDefaultSocketConfig(SocketConfig.custom()
.setTcpNoDelay(true)
.setSoTimeout(socketTimeout)
.build());
SSLConnectionSocketFactory myFactory;
if (keystoreManager != null)
{
myFactory = new
SSLConnectionSocketFactory(keystoreManager.getSecureSocketFactory(),
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
}
else
{
// Use the trust everything one
myFactory = new
SSLConnectionSocketFactory(KeystoreManagerFactory.getTrustingSecureSocketFactory(),SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
}
RequestConfig.Builder requestBuilder = RequestConfig.custom()
.setCircularRedirectsAllowed(true)
.setSocketTimeout(socketTimeout)
.setStaleConnectionCheckEnabled(true)
.setExpectContinueEnabled(true)
.setConnectTimeout(connectionTimeout)
.setConnectionRequestTimeout(socketTimeout);
HttpClientBuilder clientBuilder = HttpClients.custom()
.setConnectionManager(connectionManager)
.setMaxConnTotal(1)
.disableAutomaticRetries()
.setDefaultRequestConfig(requestBuilder.build())
.setRedirectStrategy(new DefaultRedirectStrategy())
.setSSLSocketFactory(myFactory)
.setRequestExecutor(new HttpRequestExecutor(socketTimeout));
if (userID != null userID.length() 0 password != null)
{
CredentialsProvider credentialsProvider = new
BasicCredentialsProvider();
Credentials credentials = new UsernamePasswordCredentials(userID,
password);
if (realm != null)
credentialsProvider.setCredentials(new
AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, realm), credentials);
else
credentialsProvider.setCredentials(AuthScope.ANY, credentials);
clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
}
HttpClient localClient = clientBuilder.build();
I'm also getting warnings now for setStaleConnectionCheckEnabled(true). It
looks like this is now a connection parameter too? Will all of my
setStaleConnectionCheckEnabled(true) calls now be invalid?
Karl
On Thu, Apr 9, 2015 at 3:03 PM, Oleg Kalnichevski ol...@apache.org wrote:
On Thu, 2015-04-09 at 10:41 -0400, Karl Wright wrote:
Hi Oleg,
I've been looking at the tickets for potential issues with SSL socket
timeout values not being honored in some versions of HttpClient, and I
must
say I'm not clear where things stand.
I have a ManifoldCF user who is seeing socket read timeouts when using
SSL. The stack in that case involves the Solr client library (SolrJ). I
am passing in an HttpClient instance that's already built:
RequestConfig.Builder requestBuilder = RequestConfig.custom()
.setCircularRedirectsAllowed(true)
.setSocketTimeout(socketTimeout)
.setStaleConnectionCheckEnabled(true)
.setExpectContinueEnabled(true)
.setConnectTimeout(connectionTimeout)
.setConnectionRequestTimeout(socketTimeout);
HttpClientBuilder clientBuilder = HttpClients.custom()
.setConnectionManager(connectionManager)
Karl,
If one explicitly assigns an already initialized connection manager
instance basically all connection manager parameters have no effect.
Please try setting default SocketConfig on connection manager directly.
Oleg
.setMaxConnTotal(1)
.disableAutomaticRetries()
.setDefaultRequestConfig(requestBuilder.build())
.setRedirectStrategy(new DefaultRedirectStrategy())
.setSSLSocketFactory(myFactory)
.setRequestExecutor(new HttpRequestExecutor(socketTimeout))
.setDefaultSocketConfig(SocketConfig.custom()
.setTcpNoDelay(true)
.setSoTimeout(socketTimeout)
.build()
);
if (userID != null userID.length() 0 password != null)
{
CredentialsProvider credentialsProvider = new
BasicCredentialsProvider();
Credentials credentials = new UsernamePasswordCredentials(userID,
password);
if (realm != null)
credentialsProvider.setCredentials(new
AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, realm), credentials);
else
credentialsProvider.setCredentials(AuthScope.ANY, credentials);
clientBuilder.setDefaultCredentialsProvider(credentialsProvider);
}
HttpClient localClient = clientBuilder.build();
It is remotely possible that SolrJ is modifying a parameter in the
client,
which I am aware would invalidate the