You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@synapse.apache.org by Oleg Kalnichevski <ol...@apache.org> on 2007/02/11 14:47:30 UTC
HTTP NIO SSL update
Hi Asankha and all,
I just published the latest HttpCore snapshots to the Maven2 snapshot
repository. The patch attached below fixes the breakage in Synapse due
to some minor API changes in HttpCore.
I have one test that fails for me, though, when I run the latest Synapse
snapshot. As far as I can tell the changes in HttpCore are unlikely to
be the reason.
==============================================================================
Test set: org.apache.synapse.n2n.SynapseCommodityServiceTest
-------------------------------------------------------------------------------
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.407
sec <<< FAILURE!
testN2N(org.apache.synapse.n2n.SynapseCommodityServiceTest) Time
elapsed: 0.388 sec <<< ERROR!
java.lang.NumberFormatException: multiple points
at
sun.misc.FloatingDecimal.readJavaFormatString(FloatingDecimal.java:1084)
at java.lang.Float.parseFloat(Float.java:394)
==============================================================================
I also have the first cut at NIO SSL ready for review and testing. These
are the details of the new module:
GroupId: org.apache.httpcomponents
ArtifactId: jakarta-httpcore-niossl
Version: 4.0-alpha4-SNAPSHOT
I have run a number of tests on NIO SSL and it appears to be holding up
quite well for a first cut. At any rate, more real-life testing and some
feedback, positive or negative, would be highly welcome.
I should also mention that at the moment the SSL I/O session executes
all potentially blocking SSL handshake tasks on the main I/O thread [1].
I am aware of this problem and will be working on fixing this
deficiency. However, I would like to reduce the complexity of the
problem somewhat in order to be able to concentrate on the essential
transport aspects first (which are already complex enough), get them
reliably and then deal with non-essential aspects such as using helper
threads to run potentially blocking SSL handshake tasks off the main I/O
thread.
Cheers
Oleg
[1] https://issues.apache.org/jira/browse/HTTPCORE-26
Re: HTTP NIO SSL update
Posted by "Asankha C. Perera" <as...@wso2.com>.
Hi Oleg
> I just published the latest HttpCore snapshots to the Maven2 snapshot
> repository. The patch attached below fixes the breakage in Synapse due
> to some minor API changes in HttpCore.
>
Cool.. and many thanks! I will look into our unit test failure.. seems
like something else is wrong..
> GroupId: org.apache.httpcomponents
> ArtifactId: jakarta-httpcore-niossl
> Version: 4.0-alpha4-SNAPSHOT
>
> I have run a number of tests on NIO SSL and it appears to be holding up
> quite well for a first cut. At any rate, more real-life testing and some
> feedback, positive or negative, would be highly welcome.
>
I will be traveling this week in the US, but this is certainly one of my
highest priorities, and thus I will get back to you with the outcome of
our testing and use as soon as possible.
> I should also mention that at the moment the SSL I/O session executes
> all potentially blocking SSL handshake tasks on the main I/O thread [1].
> I am aware of this problem and will be working on fixing this
> deficiency. However, I would like to reduce the complexity of the
> problem somewhat in order to be able to concentrate on the essential
> transport aspects first (which are already complex enough), get them
> reliably and then deal with non-essential aspects such as using helper
> threads to run potentially blocking SSL handshake tasks off the main I/O
> thread.
>
Yes, I understand and totally agree..
regards
asankha
---------------------------------------------------------------------
To unsubscribe, e-mail: synapse-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: synapse-dev-help@ws.apache.org
Re: HTTP NIO SSL update
Posted by "Asankha C. Perera" <as...@wso2.com>.
Hi Oleg
> I'll be away for a week as of tomorrow. If do not end up breaking my
> neck snowboarding
Have a great time and enjoy your vacation!
> When I come back, I would like to get down to cutting the ALPHA4
> release, which would enable Synapse to depend on an official release
> instead of snapshots. ALPHA4 is quite likely to be the last ALPHA
> release of HttpCore. HttpCore APIs appear reasonable enough at this
> point, so we could start maintaining the full API compatibility past the
> ALPHA4 release.
>
I think this is a good time for it, and look forward to this.
regards
asankha
---------------------------------------------------------------------
To unsubscribe, e-mail: synapse-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: synapse-dev-help@ws.apache.org
Re: HTTP NIO SSL update
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Thu, 2007-03-01 at 17:23 +0530, Asankha C. Perera wrote:
> Hi Oleg
> > When I come back, I would like to get down to cutting the ALPHA4
> > release, which would enable Synapse to depend on an official release
> > instead of snapshots. ALPHA4 is quite likely to be the last ALPHA
> > release of HttpCore. HttpCore APIs appear reasonable enough at this
> > point, so we could start maintaining the full API compatibility past the
> > ALPHA4 release.
> >
> I have filed two JIRAs (HTTPCORE-49 and 50) that we need for fail-over
> and throttling support in Synapse. Will it be possible to get these in
> for the final ALPHA4?
>
Absolutely. Besides, I would very much encourage you to take part in
HttpCore release votes and decisions what issues need to be fixed before
a new release can be cut.
Oleg
> thanks
> asankha
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: synapse-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: synapse-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: synapse-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: synapse-dev-help@ws.apache.org
Re: HTTP NIO SSL update
Posted by "Asankha C. Perera" <as...@wso2.com>.
Hi Oleg
> When I come back, I would like to get down to cutting the ALPHA4
> release, which would enable Synapse to depend on an official release
> instead of snapshots. ALPHA4 is quite likely to be the last ALPHA
> release of HttpCore. HttpCore APIs appear reasonable enough at this
> point, so we could start maintaining the full API compatibility past the
> ALPHA4 release.
>
I have filed two JIRAs (HTTPCORE-49 and 50) that we need for fail-over
and throttling support in Synapse. Will it be possible to get these in
for the final ALPHA4?
thanks
asankha
---------------------------------------------------------------------
To unsubscribe, e-mail: synapse-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: synapse-dev-help@ws.apache.org
Re: HTTP NIO SSL update
Posted by Oleg Kalnichevski <ol...@apache.org>.
On Thu, 2007-02-22 at 12:16 +0530, Asankha C. Perera wrote:
> Hi Oleg
>
> I have updated the Synapse code to use the NIO SSL code and it works
> fine. Sorry for the delay in getting back to you on this, but this is
> indeed a great step for Synapse, thanks to you!
>
> I would next look into some performance aspects, and how to use mutual
> authentication and hostname verification, would post those questions
> on the HttpCore mailing list
>
> thanks
> asankha
>
Hi Asankha
I am really glad that things are progressing.
I'll be away for a week as of tomorrow. If do not end up breaking my
neck snowboarding, I should be back on-line Friday next week (March 2nd)
and will pick up any unanswered questions. Actually, Julius Davies on
the HttpComponents list may be a better source of information as far as
the SSL security is concerned.
When I come back, I would like to get down to cutting the ALPHA4
release, which would enable Synapse to depend on an official release
instead of snapshots. ALPHA4 is quite likely to be the last ALPHA
release of HttpCore. HttpCore APIs appear reasonable enough at this
point, so we could start maintaining the full API compatibility past the
ALPHA4 release.
Cheers
Oleg
> Oleg Kalnichevski wrote:
> > Hi Asankha and all,
> >
> > I just published the latest HttpCore snapshots to the Maven2 snapshot
> > repository. The patch attached below fixes the breakage in Synapse due
> > to some minor API changes in HttpCore.
> >
> > I have one test that fails for me, though, when I run the latest Synapse
> > snapshot. As far as I can tell the changes in HttpCore are unlikely to
> > be the reason.
> >
> > ==============================================================================
> > Test set: org.apache.synapse.n2n.SynapseCommodityServiceTest
> > -------------------------------------------------------------------------------
> > Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.407
> > sec <<< FAILURE!
> > testN2N(org.apache.synapse.n2n.SynapseCommodityServiceTest) Time
> > elapsed: 0.388 sec <<< ERROR!
> > java.lang.NumberFormatException: multiple points
> > at
> > sun.misc.FloatingDecimal.readJavaFormatString(FloatingDecimal.java:1084)
> > at java.lang.Float.parseFloat(Float.java:394)
> > ==============================================================================
> >
> > I also have the first cut at NIO SSL ready for review and testing. These
> > are the details of the new module:
> >
> > GroupId: org.apache.httpcomponents
> > ArtifactId: jakarta-httpcore-niossl
> > Version: 4.0-alpha4-SNAPSHOT
> >
> > I have run a number of tests on NIO SSL and it appears to be holding up
> > quite well for a first cut. At any rate, more real-life testing and some
> > feedback, positive or negative, would be highly welcome.
> >
> > I should also mention that at the moment the SSL I/O session executes
> > all potentially blocking SSL handshake tasks on the main I/O thread [1].
> > I am aware of this problem and will be working on fixing this
> > deficiency. However, I would like to reduce the complexity of the
> > problem somewhat in order to be able to concentrate on the essential
> > transport aspects first (which are already complex enough), get them
> > reliably and then deal with non-essential aspects such as using helper
> > threads to run potentially blocking SSL handshake tasks off the main I/O
> > thread.
> >
> > Cheers
> >
> > Oleg
> >
> >
> > [1] https://issues.apache.org/jira/browse/HTTPCORE-26
> >
> >
> > ____________________________________________________________________
> >
> > Index: modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOSender.java
> > ===================================================================
> > --- modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOSender.java (revision 505951)
> > +++ modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOSender.java (working copy)
> > @@ -26,16 +26,16 @@
> > import org.apache.axis2.transport.TransportSender;
> > import org.apache.axis2.transport.OutTransportInfo;
> > import org.apache.axiom.om.OMOutputFormat;
> > +import org.apache.http.impl.nio.DefaultClientIOEventDispatch;
> > +import org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor;
> > import org.apache.http.nio.NHttpClientHandler;
> > import org.apache.http.nio.NHttpClientConnection;
> > -import org.apache.http.nio.impl.reactor.DefaultConnectingIOReactor;
> > -import org.apache.http.nio.impl.DefaultClientIOEventDispatch;
> > import org.apache.http.nio.reactor.ConnectingIOReactor;
> > import org.apache.http.nio.reactor.IOEventDispatch;
> > import org.apache.http.nio.reactor.SessionRequest;
> > import org.apache.http.HttpResponse;
> > import org.apache.http.HttpHost;
> > -import org.apache.http.impl.DefaultHttpParams;
> > +import org.apache.http.params.BasicHttpParams;
> > import org.apache.http.params.HttpParams;
> > import org.apache.http.params.HttpConnectionParams;
> > import org.apache.http.params.HttpProtocolParams;
> > @@ -114,7 +114,7 @@
> > * @return the applicable HTTP protocol parameters
> > */
> > private HttpParams getClientParameters() {
> > - HttpParams params = new DefaultHttpParams(null);
> > + HttpParams params = new BasicHttpParams();
> > params
> > .setIntParameter(HttpConnectionParams.SO_TIMEOUT, 30000)
> > .setIntParameter(HttpConnectionParams.CONNECTION_TIMEOUT, 10000)
> > Index: modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOListener.java
> > ===================================================================
> > --- modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOListener.java (revision 505951)
> > +++ modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOListener.java (working copy)
> > @@ -23,15 +23,15 @@
> > import org.apache.axis2.transport.TransportListener;
> > import org.apache.commons.logging.Log;
> > import org.apache.commons.logging.LogFactory;
> > +import org.apache.http.params.BasicHttpParams;
> > import org.apache.http.params.HttpParams;
> > import org.apache.http.params.HttpConnectionParams;
> > import org.apache.http.params.HttpProtocolParams;
> > +import org.apache.http.impl.nio.DefaultServerIOEventDispatch;
> > +import org.apache.http.impl.nio.reactor.DefaultListeningIOReactor;
> > import org.apache.http.nio.reactor.IOEventDispatch;
> > import org.apache.http.nio.reactor.ListeningIOReactor;
> > -import org.apache.http.nio.impl.DefaultServerIOEventDispatch;
> > -import org.apache.http.nio.impl.reactor.DefaultListeningIOReactor;
> > import org.apache.http.nio.NHttpServiceHandler;
> > -import org.apache.http.impl.DefaultHttpParams;
> >
> > import java.io.InterruptedIOException;
> > import java.io.IOException;
> > @@ -88,7 +88,7 @@
> > * @return the applicable HTTP protocol parameters
> > */
> > private HttpParams getServerParameters() {
> > - HttpParams params = new DefaultHttpParams(null);
> > + HttpParams params = new BasicHttpParams();
> > params
> > .setIntParameter(HttpConnectionParams.SO_TIMEOUT, 30000)
> > .setIntParameter(HttpConnectionParams.SOCKET_BUFFER_SIZE, 8 * 1024)
> > Index: modules/nhttp/src/org/apache/axis2/transport/nhttp/ServerHandler.java
> > ===================================================================
> > --- modules/nhttp/src/org/apache/axis2/transport/nhttp/ServerHandler.java (revision 505951)
> > +++ modules/nhttp/src/org/apache/axis2/transport/nhttp/ServerHandler.java (working copy)
> > @@ -111,7 +111,10 @@
> >
> > // create the default response to this request
> > HttpVersion httpVersion = request.getRequestLine().getHttpVersion();
> > - HttpResponse response = responseFactory.newHttpResponse(httpVersion, HttpStatus.SC_OK);
> > + HttpResponse response = responseFactory.newHttpResponse(
> > + httpVersion,
> > + HttpStatus.SC_OK,
> > + context);
> > response.setParams(this.params);
> >
> > // create a basic HttpEntity using the source channel of the response pipe
> > @@ -237,9 +240,13 @@
> > * @param e the exception encountered
> > */
> > public void exception(final NHttpServerConnection conn, final HttpException e) {
> > + HttpContext context = conn.getContext();
> > HttpRequest request = conn.getHttpRequest();
> > HttpVersion ver = request.getRequestLine().getHttpVersion();
> > - HttpResponse response = responseFactory.newHttpResponse(ver, HttpStatus.SC_BAD_REQUEST);
> > + HttpResponse response = responseFactory.newHttpResponse(
> > + ver,
> > + HttpStatus.SC_BAD_REQUEST,
> > + context);
> > byte[] msg = EncodingUtils.getAsciiBytes("Malformed HTTP request: " + e.getMessage());
> > ByteArrayEntity entity = new ByteArrayEntity(msg);
> > entity.setContentType("text/plain; charset=US-ASCII");
> >
> >
> >
> > ____________________________________________________________________
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: synapse-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: synapse-dev-help@ws.apache.org
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: synapse-dev-unsubscribe@ws.apache.org For
> additional commands, e-mail: synapse-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: synapse-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: synapse-dev-help@ws.apache.org