-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Bhavesh,
On 6/29/20 22:12, Bhavesh Mistry wrote: > Hi Mark, > > Thank you for responding. I have one more question. This is > spring-boot 2 application REST API server and it does not accept > Cookie or session (timeout is set to zero). Auth happens through > Authorized header. We have set 10mb for maxPostSize. Does > maxSavePostSize takes precedence over maxPostSize ? I will set > maxSavePostSize to -1 to disable it. Sounds like what you really want to use is: Expect: 100-continue And then only send the 10MiB payload if you get a "100 Continue" respons e. > Also, I have another question. When Payload is as large as 10mb > (json post), does payload body in JVM MEMORY or offloaded to > FileInputStream ? That depends upon how you are doing authentication. When you say authentication is done "through an authorized header", are you saying that Tomcat is performing the authentication or not? Is Tomcat saving the request and asking the client to authenticate) as it does with e.g. FORM login? Or does your application reject the request with a response header and the client has to re-try with the authenticated header AND the large JSON request again? - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl796fcACgkQHPApP6U8 pFjjJw/6AwoXu4eTXa86JvHn8qP1m9fls+AMjQBM3VePfEKxa0LibjiPGxwjsy7/ SstRvv+8rJ5Tan6IdGgSFr+BsHXDgWa/4Q+PirpjIjcO7xOMlvsHC0xaA8sNSKhD DbK0sCrrKuvixX3AwUCXz0wuTHrZBFmznvVkM0rh+/XXJxq5n5yd18J36KqIaR7d a1eef8cbPkPo+ds9ci3VYsy50TtEmI6tGdjQMMko1QxnXcUHzz/pTjDN5qttE4g1 +K9CI4zG8qYVuMEvoW+679knq9UUWLeeBO71T7TQea2WJkoyMw9UY2ksH7SIstlY +GhXs8/fWQ+YdZ+eYxnkuNXOOes8L/UvC0+Ea13Y8u1eiD7INXsGhc1gTrZ+ct16 i4jGM1GYhHMxFDsXcs5uhL1/7ew+EgTR3dBuNsrYKASN/5DTpIlcIa+xpqb2uoyL Irf9jGkRbNYneI52Woopf1SGAT+hCqGt7yiN7grVdyo3pUA82xqcuM/SwLilyEru LkkS6nQz1l2YUQi2U1OYwYdt3NxlD94FmGmhzEBPaw2hYvXwrPMBYTY3iuEueOqZ 2L3DE/K/f8CX+0ogJZKMU+KbZ2itW7DL1183AwiZx9Y19i1nr6pjyb7ius+f0zkr ML9x7mYrRLyL12kkwbLdOgx/xmsflOC1WQCElJ/sib7dS6V/skg= =ty2B -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org