You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by rm...@apache.org on 2015/08/06 12:10:05 UTC
tomee git commit: TOMEE-1623 ensuring to reuse the same ssl socket
factory accross connection to be aligned on JVM caching key for keep alive -
this map is quite static which is not that good for server usage but all
client is done this way, we should ad
Repository: tomee
Updated Branches:
refs/heads/master 11eb5d617 -> 14b290dac
TOMEE-1623 ensuring to reuse the same ssl socket factory accross connection to be aligned on JVM caching key for keep alive - this map is quite static which is not that good for server usage but all client is done this way, we should add classloader as key somewhere
Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/14b290da
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/14b290da
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/14b290da
Branch: refs/heads/master
Commit: 14b290dac8d54cdb2d20a779e4b7cec85bb967dc
Parents: 11eb5d6
Author: Romain Manni-Bucau <rm...@starbucks.com>
Authored: Thu Aug 6 03:09:47 2015 -0700
Committer: Romain Manni-Bucau <rm...@starbucks.com>
Committed: Thu Aug 6 03:09:47 2015 -0700
----------------------------------------------------------------------
.../openejb/client/HttpConnectionFactory.java | 24 ++++++++++++++++----
.../openejb/client/HttpsConnectionTest.java | 6 +++--
2 files changed, 24 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tomee/blob/14b290da/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java
----------------------------------------------------------------------
diff --git a/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java b/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java
index 5f402f0..93a3aae 100644
--- a/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java
+++ b/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java
@@ -17,7 +17,8 @@
*/
package org.apache.openejb.client;
-import javax.net.ssl.*;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLSocketFactory;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
@@ -28,26 +29,32 @@ import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
/**
* @version $Revision$ $Date$
*/
public class HttpConnectionFactory implements ConnectionFactory {
+ // this map only ensures JVM keep alive socket caching works properly
+ private final ConcurrentMap<URI, SSLSocketFactory> socketFactoryMap = new ConcurrentHashMap<>();
@Override
public Connection getConnection(final URI uri) throws IOException {
- return new HttpConnection(uri);
+ return new HttpConnection(uri, socketFactoryMap);
}
public static class HttpConnection implements Connection {
+ private final ConcurrentMap<URI, SSLSocketFactory> socketFactoryMap;
private HttpURLConnection httpURLConnection;
private InputStream inputStream;
private OutputStream outputStream;
private final URI uri;
- public HttpConnection(final URI uri) throws IOException {
+ public HttpConnection(final URI uri, final ConcurrentMap<URI, SSLSocketFactory> socketFactoryMap) throws IOException {
this.uri = uri;
+ this.socketFactoryMap = socketFactoryMap;
final URL url = uri.toURL();
final Map<String, String> params;
@@ -75,7 +82,16 @@ public class HttpConnectionFactory implements ConnectionFactory {
if (params.containsKey("sslKeyStore") || params.containsKey("sslTrustStore")) {
try {
- ((HttpsURLConnection) httpURLConnection).setSSLSocketFactory(new SSLContextBuilder(params).build().getSocketFactory());
+ SSLSocketFactory sslSocketFactory = socketFactoryMap.get(uri);
+ if (sslSocketFactory == null) {
+ sslSocketFactory = new SSLContextBuilder(params).build().getSocketFactory();
+ final SSLSocketFactory existing = socketFactoryMap.putIfAbsent(uri, sslSocketFactory);
+ if (existing != null) {
+ sslSocketFactory = existing;
+ }
+ }
+
+ ((HttpsURLConnection) httpURLConnection).setSSLSocketFactory(sslSocketFactory);
} catch (final NoSuchAlgorithmException | KeyManagementException e) {
throw new ClientRuntimeException(e.getMessage(), e);
}
http://git-wip-us.apache.org/repos/asf/tomee/blob/14b290da/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java
----------------------------------------------------------------------
diff --git a/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java b/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java
index 1977ea7..934a0d9 100644
--- a/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java
+++ b/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java
@@ -57,10 +57,11 @@ public class HttpsConnectionTest {
@Test
public void testHttps() throws URISyntaxException, IOException {
- String url = "https://" + SERVER + ":" + SERVER_PORT + "/secure" +
+ final HttpConnectionFactory factory = new HttpConnectionFactory();
+ final String url = "https://" + SERVER + ":" + SERVER_PORT + "/secure" +
"?sslKeyStore=" + STORE_PATH + "&sslKeyStorePassword=" + STORE_PWD + "&sslKeyStoreProvider=SunX509&sslKeyStoreType=jks" +
"&sslTrustStore=" + STORE_PATH + "&sslTrustStorePassword=" + STORE_PWD + "&readTimeout=500";
- Connection connection = new HttpConnectionFactory().getConnection(new URI(url));
+ Connection connection = factory.getConnection(new URI(url));
BufferedReader br = null;
StringBuilder sb = new StringBuilder();
@@ -80,6 +81,7 @@ public class HttpsConnectionTest {
e.printStackTrace();
}
}
+ connection.close();
}
Assert.assertTrue("should contain", sb.toString().contains("secure"));