【发布时间】:2012-11-07 19:51:18
【问题描述】:
我正在使用带有JERSEY Client + HTTPS 的JUnit 测试来测试在Jetty 上运行的secure web service。我对wr.get( ClientResponse.class) 的一个呼叫在9-10 requests 的每个块后挂起10 秒。等效的Apache client 代码在几毫秒内运行。如果我切换Jetty to HTTP 模式,问题就会消失。
我正在使用Jersey bundle & client 1.14 and Jetty 6.1.26
apache客户端工作
@Test
public void testApacheClient() throws Exception
{
HttpClient client = new HttpClient();
ProtocolSocketFactory socketFactory = new EasySSLProtocolSocketFactory();
Protocol https = new Protocol( "https", socketFactory, 443 );
Protocol.registerProtocol( "https", https );
//Finishes in < 1 second
for ( int i = 0; i < 30; i++ )
{
GetMethod getMethod = new GetMethod( "https://localhost:8443/home" );
client.executeMethod( getMethod );
String entity = getMethod.getResponseBodyAsString();
getMethod.releaseConnection();
}
}
泽西客户端挂起
@Test
public void testJerseyClient() throws Exception
HostnameVerifier hv = getHostnameVerifier();
ClientConfig config = new DefaultClientConfig();
SSLContext ctx = getSslContext();
config.getProperties().put( HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
new HTTPSProperties( hv, ctx ) );
Client jerseyClient = Client.create( config );
//Finishes in < 1 second
for ( int i = 0; i < 30; i++ )
{
WebResource wr = jerseyClient.resource( "https://www.google.com" );
ClientResponse cr = wr.get( ClientResponse.class );
String entity = cr.getEntity( String.class );
cr.close();
}
/* Pauses for 10 seconds after the 10th request, and subsequently after every 9th request.
Debugging shows waiting at line 'ClientResponse cr = ...'
*/
for ( int i = 0; i < 30; i++ )
{
WebResource wr = jerseyClient.resource( "https://localhost:8443/home" );
ClientResponse cr = wr.get( ClientResponse.class ); //10 second pause after requests 9, 18, 27
String entity = cr.getEntity( String.class ); //This is triggering the problem
cr.close();
}
//Finishes in < 1 second
for ( int i = 0; i < 30; i++ )
{
WebResource wr = jerseyClient.resource( "https://localhost:8443/home" );
ClientResponse cr = wr.get( ClientResponse.class );
cr.close();
}
}
从ClientResponse 检索实体似乎会触发问题,但仅限于HTTPS 模式并针对我的Web 服务器(不是google, facebook, etc)运行。我在Jetty 上运行了Jersey ServletContainer and Struts ActionServlet,两者都出现了问题。我还在 subnet 上的不同机器上运行 Web 服务器,并在多台机器上进行了单元测试。
Jersey HTTPS 类
private HostnameVerifier getHostnameVerifier() {
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify( String arg0, SSLSession arg1 ) { return true; }
};
return hv;
}
private SSLContext getSslContext() throws Exception {
private final SSLContext sslContext = SSLContext.getInstance( "SSL" );
sslContext.init( null, new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
public void checkClientTrusted( X509Certificate[] certs, String authType ) {}
public void checkServerTrusted( X509Certificate[] certs, String authType ) {}
}
}, new SecureRandom()
);
return sslContext;
}
码头 SSL 连接器。如果我使用 SelectChannelConnector 并使用 HTTP 进行单元测试,问题就会消失。
<Call name="addConnector">
<Arg>
<New class="org.mortbay.jetty.security.SslSocketConnector">
<Set name="allowRenegotiate">true</Set>
<Set name="Port">8443</Set>
<Set name="reuseAddress">true</Set>
<Set name="Host">mgmt-int</Set>
<Set name="maxIdleTime">30000</Set>
<Set name="handshakeTimeout">2000</Set>
<Set name="keystore"><SystemProperty name="jetty.home" default="/usr/app/web-app"/>/conf/keystore.jetty</Set>
<Set name="password">OBF:1vaaaaaaaaaaaaaaaaaaaa111111111v</Set>
<Set name="keyPassword">OBF:1vaaaaaaaaaaaaaaaaaaaa111111111v</Set>
</New>
</Arg>
</Call>
【问题讨论】:
-
你的握手超时时间太低了,只有 2000 毫秒。将其更改为至少 10-15 秒。
-
我把handshakeTimeout增加到15000ms,问题依旧。
-
你能创建一个线程转储,例如在客户端挂起时使用
kill -3 pid,看看这会发生在哪里?