[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15560157#comment-15560157 ] ASF subversion and git services commented on SOLR-9604: --- Commit 2b5fc01a5d6b1bb2245fa0d5cf854637020f0c97 in lucene-solr's branch refs/heads/branch_6x from [~mkhludnev] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=2b5fc01 ] SOLR-9604,SOLR-9608: fix HttpSolrClientConPoolTest.testPoolSize() > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604-6x.patch, SOLR-9604.patch, SOLR-9604.patch, > fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15560148#comment-15560148 ] ASF subversion and git services commented on SOLR-9604: --- Commit d8bb56d4ad3177b34349fa106cdb3edfe9c711df in lucene-solr's branch refs/heads/master from [~mkhludnev] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=d8bb56d ] SOLR-9604,SOLR-9608: fix HttpSolrClientConPoolTest.testPoolSize() > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604-6x.patch, SOLR-9604.patch, SOLR-9604.patch, > fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15559445#comment-15559445 ] ASF subversion and git services commented on SOLR-9604: --- Commit f22b1da261b93f60687431b161828e2fb27fdc8f in lucene-solr's branch refs/heads/master from [~romseygeek] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=f22b1da ] SOLR-9604,SOLR-9608: Ensure SSL connections are re-used Fix ConnectionReuseTest. Add coverage for all SolrClients. Remove explicit cacheKey for HttpRequestContext, make it singleton. > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604-6x.patch, SOLR-9604.patch, SOLR-9604.patch, > fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15554599#comment-15554599 ] ASF subversion and git services commented on SOLR-9604: --- Commit b58ccc3906014fb13ecffe17ae989ea7d07b814e in lucene-solr's branch refs/heads/branch_6x from [~romseygeek] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=b58ccc3 ] SOLR-9604,SOLR-9608: Ensure SSL connections are re-used. Fix ConnectionReuseTest. Add coverage for all SolrClients. Remove explicit cacheKey for HttpRequestContext, make it singleton. > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604-6x.patch, SOLR-9604.patch, SOLR-9604.patch, > fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15549766#comment-15549766 ] Alan Woodward commented on SOLR-9604: - My commit didn't take into account CloudSolrClient, which also needs fixing here, and broke TestConnectionReuse (except when it selected CSC to test, which it obviously did when I ran things locally), so I've backed it out. > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch, SOLR-9604.patch, fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15549757#comment-15549757 ] ASF subversion and git services commented on SOLR-9604: --- Commit 36b3b0884a8f745bc137db1b1dc9890a59fa0895 in lucene-solr's branch refs/heads/master from [~romseygeek] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=36b3b08 ] Revert "SOLR-9604: Ensure SSL connections are re-used" This reverts commit 0eb6b1c823d347319cc0894b5fea95f085d4c8d4, which was causing test failures in ConnectionReuseTest - see SOLR-9608 > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch, SOLR-9604.patch, fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15549559#comment-15549559 ] Mikhail Khludnev commented on SOLR-9604: bq. OK, not being able to reproduce this behaviour at all locally And I probably know [why|SOLR-9039] > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch, SOLR-9604.patch, fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15549340#comment-15549340 ] Mikhail Khludnev commented on SOLR-9604: Sigh.. > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch, SOLR-9604.patch, fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15549309#comment-15549309 ] Hoss Man commented on SOLR-9604: bq. also, it's worth to remove @RandomSSL from HttpSolrClientSSLAuthConPoolTest to make it really random. bq. I think it's worth keeping the RandomizeSSL annotation on this test though, as it's only really applicable to SSL+clientAuth situations. Agreed, but I think I also see Mikhail's point: from a coverage standpoint, it would be nice to have a test that helps ensure we are re-using connection pools *regardless* of whether SSL+clientAuth is used or not (ie: as the test stands now, we only ensure they are re-used with SSL, some future bug could break connection re-use for non-ssl connections and we'd never know -- heck: in theory the changes in this fix for SSL connection reuse could be breaking connection reuse for non-SSL requests, and we wouldn't know it.) So perhaps refactor the current {{HttpSolrClientSSLAuthConPoolTest}} class into a {{HttpSolrClientConPoolTest}} that uses the default SSL randomization, and then make {{HttpSolrClientSSLAuthConPoolTest}} a subclass that forces {{\@RandomizeSSL(1.0)}} ? (along with a "test the test" sanity assertion that the urls start with "https") > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch, SOLR-9604.patch, fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15549254#comment-15549254 ] ASF subversion and git services commented on SOLR-9604: --- Commit 0eb6b1c823d347319cc0894b5fea95f085d4c8d4 in lucene-solr's branch refs/heads/master from [~romseygeek] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=0eb6b1c ] SOLR-9604: Ensure SSL connections are re-used > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch, SOLR-9604.patch, fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15549231#comment-15549231 ] Mikhail Khludnev commented on SOLR-9604: No problem. Feel free to push in master what you have, I'll take care about porting to branch_6x > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch, SOLR-9604.patch, fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15549219#comment-15549219 ] Alan Woodward commented on SOLR-9604: - OK, not being able to reproduce this behaviour at all locally is making this quite tricky to write - [~mkhludnev] do you think you'll have any time to backport the above patch to 6.x? > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch, SOLR-9604.patch, fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15548917#comment-15548917 ] Alan Woodward commented on SOLR-9604: - Ah, of course, 6.x is using a completely different way of configuring HttpClients... I'll put up a separate 6.x patch shortly. > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch, SOLR-9604.patch, fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15548705#comment-15548705 ] Alan Woodward commented on SOLR-9604: - Спасибо! I'll commit this shortly, and then we can try removing the SuppressSSL annotation from some tests and see if they pass. I think it's worth keeping the RandomizeSSL annotation on this test though, as it's only really applicable to SSL+clientAuth situations. > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch, SOLR-9604.patch, fails with null.png > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15548604#comment-15548604 ] Mikhail Khludnev commented on SOLR-9604: also, it's worth to remove \@RandomSSL from HttpSolrClientSSLAuthConPoolTest to make it really random. > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15548422#comment-15548422 ] Mikhail Khludnev commented on SOLR-9604: ok. my fault. Now I see. The patch amends arguments of public methods, what's about API compatibility? > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15548409#comment-15548409 ] Alan Woodward commented on SOLR-9604: - It's there in the patch: {code} diff --git a/solr/solrj/src/java/org/apache/solr/client/solrj/impl/HttpClientUtil.java b/solr/solrj/src/java/org/apache/solr/client/solrj/impl/HttpClientUtil.java index b9580b8..0f738c2 100644 --- a/solr/solrj/src/java/org/apache/solr/client/solrj/impl/HttpClientUtil.java +++ b/solr/solrj/src/java/org/apache/solr/client/solrj/impl/HttpClientUtil.java @@ -198,7 +198,12 @@ public class HttpClientUtil { * configuration (no additional configuration) is created. */ public static CloseableHttpClient createClient(SolrParams params) { -return createClient(params, new PoolingHttpClientConnectionManager(schemaRegistryProvider.getSchemaRegistry())); +return createClient(params, createPoolingConnectionManager()); + } + + /** test usage subject to change @lucene.experimental */ + static PoolingHttpClientConnectionManager createPoolingConnectionManager() { +return new PoolingHttpClientConnectionManager(schemaRegistryProvider.getSchemaRegistry()); } public static CloseableHttpClient createClient(SolrParams params, PoolingHttpClientConnectionManager cm) { @@ -396,10 +401,17 @@ public class HttpClientUtil { } /** - * + * Create a HttpClientContext object + * + * If the client is going to be re-used, then you should pass in an object that + * can be used by internal connection pools as a cache key. This is particularly + * important if client authentication is enabled, as SSL connections will not + * be re-used if no cache key is provided. + * + * @param cacheKey an Object to be used as a cache key for pooling connections */ - public static HttpClientContext createNewHttpClientRequestContext() { -return httpClientRequestContextBuilder.createContext(); + public static HttpClientContext createNewHttpClientRequestContext(Object cacheKey) { +return httpClientRequestContextBuilder.createContext(cacheKey); } {code} > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15548270#comment-15548270 ] Mikhail Khludnev commented on SOLR-9604: seems nice. but I couldn't find a method definition for {code} HttpClientUtil.createNewHttpClientRequestContext(null) {code} couldn't you forget to {{git add}} ? > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9604) Pooled SSL connections are not being reused with client authentication
[ https://issues.apache.org/jira/browse/SOLR-9604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15548153#comment-15548153 ] Alan Woodward commented on SOLR-9604: - The concurrent client in DistributedUpdateProcessor actually already uses the HttpClient object from UpdateHandler, so I think this is ready to go. > Pooled SSL connections are not being reused with client authentication > -- > > Key: SOLR-9604 > URL: https://issues.apache.org/jira/browse/SOLR-9604 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) >Reporter: Alan Woodward >Assignee: Alan Woodward > Attachments: SOLR-9604.patch > > > Solr isn't setting user tokens on any of its HttpClientContext objects when > requested new http connections. This means that when SSL + client > authentication is used, HttpClient is creating a new connection on every > request, to ensure that authentication tokens aren't shared between different > users. We end up with lots of unused open connections in the connection > pool, leading to slowness and out-of-memory errors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org