[undertow-dev] Using the RequestBufferingHandler properly

Sun Nov 5 19:00:59 EST 2017

On Mon, Nov 6, 2017 at 6:02 AM, paroczizs . <paroczizs at gmail.com> wrote:

> Hi Undertow dev,
>
> I would like to use the RequestBufferingHandler in our proxy application.
> I found the following in a privious post:
>
> "RequestBufferingHandler is a performance enhancing handler that is
> designed to be used for blocking requests, basically
> it allows you to fully read the request before the request gets dispatched
> to a (potentially limited) thread pool."
>
>
>
> I have to do the following:
>
> - read the full request body or first limit size of the body e.g max 1MB
> if larger there is no need for the whole body.
> - do some check on the body content
> - forward the whole request towards the business backend using a proxy
> handler if the check was successful
>
>
> I use the Undertow with Wildfly, the RequestBufferingHandler cannot be
> configured in the standalone.xml the error refer an unimplemented
> constructor.
>

It can, but you need to use the expression-filter and use
'buffer-request(10)' (10 is the number of buffers, the number you want will
depend on your buffer size).

That said I don't think you really want to use request buffering handler
here, like it says in the javadoc it is intended to provide some
performance enhancements in a specific situation.

Instead your should write a handler that:

- Reads all the bytes, up to your specified maximum amount (and I assume
rejects if it is too large, which request buffering handler will not do)
- Performs your checks
- Use Connectors.ungetRequestBytes() and Connectors.resetRequestChannel to
make the data availble to later handlers (basically just copy the buffering
handler and adapt it to your needs).

> I can clone the RequestBufferingHandler into an own class and I suppose it
> works but I am not able to access the bufferd bytes due to the attachment
> key belongs HttpServerExchange and the attachment key is package private so
> I cannot use it.
>
>
You are not supposed to directly access that attachment, it to enable the
exchange to re-read the bytes. If you want to perform verification either
use a different attachment or do the verification directly in your handler.

> Some more detail:
>
> - I also would like to log the full in/out contents with conduits. With
> this I got an error if the RequestBufferingHandler registered and fired
> before the handler that wants to add the conduits. The problem here that I
> need some info from the request in the log (request id / correlation id /
> etc.). I can create callbacks towards the own conduit but it is not clear
> for me how the conduits and the RequestBufferingHandler work together.
>

Just attach all the data in your handle, and log from the attached buffered
data, rather than using a conduit.

Stuart

>
> Any help is appreciated.
>
> Regards, Zsolt
>
>
>
>
>
>
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Mentes
> a vírusoktól. www.avast.com
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
> <#m_-3186565349216403654_m_6878925675556719771_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/undertow-dev/attachments/20171106/b5d48d6a/attachment.html 