Undertow proxy handler + RequestLimit handler issue
by paroczizs
Hi Undertow Dev,
we built a custom integration component based on Wildfly 11 with Undertow
1.4.18. The application contains a couple of custom and built in handlers.
We found the following:
There is a RequestLimit handler right at the beginning and finally the
proxy handler. When the backend getting to be slow and the load is
relatively high the RequestLimit handler does its job queues the request
then throws the request above the queue. When the proxy times out it starts
to consume the queue, in some cases the exception below occurs and we found
that in this case the counter in the RequestLimit handler is not reduced
and the it can stuck the way to the backend.
Are there any possibility to handle the exception in a custom handler?
Thank you in advance, Zsolt
2018-11-28 12:02:19,518 ERROR [io.undertow.proxy] (default I/O-2) UT005028:
Proxy request to /lwi/optinus/getentityanswersservice failed:
java.nio.channels.ClosedChannelException
at
io.undertow.client.http.HttpClientConnection$5.handleEvent(HttpClientConnection.java:194)
at
io.undertow.client.http.HttpClientConnection$5.handleEvent(HttpClientConnection.java:173)
at
org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
at
org.xnio.StreamConnection.invokeCloseListener(StreamConnection.java:80)
at org.xnio.Connection.close(Connection.java:142)
at org.xnio.IoUtils.safeClose(IoUtils.java:152)
at io.undertow.util.ConnectionUtils$3.run(ConnectionUtils.java:102)
at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:612)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:479)
1 month, 1 week
Creating a websocket proxy with undertow
by Marc Boorshtein
Using the 1.4 series, I'm trying to handle upgrade and websockets. Looking
at a few examples and the code I think what I need to do is:
1. add the WebSocketServlet to the right path
2. implement WebSocketConnectionCallback that will call my remote ws://
server
Am I on the right track? I haven't found an example of doing this with
undertow but found something similar with jetty (
https://github.com/chipster/chipster-web-server/blob/master/src/main/java...)
but I havne't found the same thing for undertow so any pointers would be
appreciated.
Thanks
Marc Boorshtein
2 months, 1 week
Issue with Undertow Client and SSL
by Thomas Segismont
Hi,
Openshift Origin uses Hawkular Metrics to store node and container data. In
this scenario, Hawkular Metrics calls the Kubernetes master server over
HTTPS to validate the client identity. This is implemented with Undertow
Client, as part of a ServletExtension (inside Wildfly 10) [1]. Works fine
in development and testing.
Now the Openshit team sees errors in the logs [2][3]. I couldn't reproduce
yet. Errors come in pair, first the "UT005001: An exception occurred
processing the request: java.lang.IllegalStateException: XNIO000017: Buffer
was already freed", and just after "XNIO001007: A channel event listener
threw an exception: java.lang.NullPointerException".
Does that ring a bell? I haven't been able to find a starting point by
looking into the source the code.
Thanks
--
Thomas Segismont
JBoss ON Engineering Team
[1] https://git.io/vrNyP
[2] https://issues.jboss.org/browse/HWKMETRICS-408
[3] https://issues.jboss.org/secure/attachment/12405779/hawkular.log
3 months
Correctly shutting down a websocket handler
by Robin Anil
When a client disconnects, I see that onClose is not being fired. The only
way this seems to be firing if client sents a close frame.
Is there any way to detect disconnection and immediately close all the
opened resources.
Robin
Robin Anil | Software Engineer
2 years, 8 months
Supporting Flight Recorder events
by Philippe Marschall
Hello
With Java 11 Flight Recorder is now part of OpenJDK 11 [1], Open Source
and free to use. I hacked something together how Undertow could
integrate with this [2]. This can become quite powerful as you can track
down what events happened during processing of that HTTP exchange. It
becomes even more powerful once other components (database, caching)
also generate events and you can correlate them.
I wanted to ask whether it makes any sense to upstream this? Obviously
it will always have to be optional as it only works with OpenJDK 11+ and
there is a small runtime overhead.
I have to say that I am not super familiar with the Flight Recorder API.
For example I am not sure when an event is started in one thread but
completed in an other thread whether that needs to be handled specially.
I am not sure whether this could happen for async servlet.
Also I am not sure whether the ExchangeCompleteListener is called if
handleRequest on the next HttpHandler throws an exception.
[1] https://openjdk.java.net/jeps/328
[2] https://github.com/marschall/undertow-jfr
Cheers
Philippe
7 years, 5 months
Proxy Protocol v2 support
by Ulrich Herberg
Hi,
We want to use Undertow in our company (Oath/Yahoo/Verizon) in an AWS
environment. Since we plan to use AWS Network Load Balancers (NLB) using
Fargate, we need the proxy protocol in order to get the source IP address
of an incoming HTTP(S) packet. However, Undertow only supports Proxy
Protocol Version 1. I have implemented version 2 (for IPv4 and IPv6),
including unit tests and it works fine. I wonder if I can contribute the
code to the open source release of Undertow.
Let me know if you are interested, then I can provide the code.
Best regards
Ulrich
7 years, 5 months
Flag to relax HTTP/2 cipher validation
by Carter Kozak
Would you be amenable to adding a feature flag disabling http/2 cipher
validation? I realize this runs counter to the specification, however
I'd like to decouple usage of http2 features from the notoriously slow
aes gcm cipher suites on java 8.
This could be broken into two components:
- Disabling the alpn cipher blackist. The blacklist is suggested, but
not required[1]
- Disabling the requirement for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
which is listed as required (for tlsv1.2)
I can understand strong reservations against relaxing this validation,
but given the existence of flags to disable other types of validation
I figured it would be worthwhile to inquire.
Thanks,
-Carter
1. https://tools.ietf.org/html/rfc7540#section-9.2.2
7 years, 6 months
