[
https://issues.apache.org/jira/browse/CXF-9093?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17909620#comment-17909620
]
John Yin commented on CXF-9093:
-------------------------------
[~reta], thanks for taking the time and effort to reproduce the issue!
I did try setting AllowChunking="true" (in my XML bean config). For the test
against a ServiceNow server, I did not encounter the issue. I only encountered
the connectionClosedException when AllowChunking="false". You are correct.
I also tried this with a Zendesk server. I received a timeout exception in
both cases (with AllowChunking set to true or false) after the CXF client
refused to send the message payload to the server. The timeout was triggered
by the CXF client which was configured to timeout after 300 seconds. If I
change it to TLS 1.2, everything works fine. Here is the timeout stacktrace:
jakarta.ws.rs.ProcessingException: java.net.SocketTimeoutException: 300000
MILLISECONDS
at
org.apache.cxf.jaxrs.client.AbstractClient$ConnectionFaultInterceptor.handleMessage(AbstractClient.java:1266)
[cxf-rt-rs-client-4.1.0.jar:4.1.0]
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
[cxf-core-4.1.0.jar:4.1.0]
at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:112)
[cxf-core-4.1.0.jar:4.1.0]
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream$1.run(HTTPConduit.java:1250)
[cxf-rt-transports-http-4.1.0.jar:4.1.0]
at
org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:413)
[cxf-core-4.1.0.jar:4.1.0]
at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
[?:?]
at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
[?:?]
at
org.apache.cxf.workqueue.AutomaticWorkQueueImpl$AWQThreadFactory$1.run(AutomaticWorkQueueImpl.java:346)
[cxf-core-4.1.0.jar:4.1.0]
at java.base/java.lang.Thread.run(Thread.java:840) [?:?]
Caused by: java.net.SocketTimeoutException: 300000 MILLISECONDS
at
org.apache.hc.core5.io.SocketTimeoutExceptionFactory.create(SocketTimeoutExceptionFactory.java:50)
~[httpcore5-5.3.1.jar:5.3.1]
at
org.apache.hc.core5.http.impl.nio.AbstractHttp1StreamDuplexer.onTimeout(AbstractHttp1StreamDuplexer.java:402)
~[httpcore5-5.3.1.jar:5.3.1]
at
org.apache.hc.core5.http.impl.nio.AbstractHttp1IOEventHandler.timeout(AbstractHttp1IOEventHandler.java:82)
~[httpcore5-5.3.1.jar:5.3.1]
at
org.apache.hc.core5.http.impl.nio.ClientHttp1IOEventHandler.timeout(ClientHttp1IOEventHandler.java:41)
~[httpcore5-5.3.1.jar:5.3.1]
at
org.apache.hc.client5.http.impl.async.LoggingIOSession$1.timeout(LoggingIOSession.java:248)
~[httpclient5-5.4.1.jar:5.4.1]
at
org.apache.hc.core5.reactor.ssl.SSLIOSession$1.timeout(SSLIOSession.java:223)
~[httpcore5-5.3.1.jar:5.3.1]
at
org.apache.hc.core5.reactor.InternalDataChannel.onTimeout(InternalDataChannel.java:170)
~[httpcore5-5.3.1.jar:5.3.1]
at
org.apache.hc.core5.reactor.InternalChannel.checkTimeout(InternalChannel.java:67)
~[httpcore5-5.3.1.jar:5.3.1]
at
org.apache.hc.core5.reactor.SingleCoreIOReactor.checkTimeout(SingleCoreIOReactor.java:239)
~[httpcore5-5.3.1.jar:5.3.1]
at
org.apache.hc.core5.reactor.SingleCoreIOReactor.validateActiveChannels(SingleCoreIOReactor.java:166)
~[httpcore5-5.3.1.jar:5.3.1]
at
org.apache.hc.core5.reactor.SingleCoreIOReactor.doExecute(SingleCoreIOReactor.java:128)
~[httpcore5-5.3.1.jar:5.3.1]
at
org.apache.hc.core5.reactor.AbstractSingleCoreIOReactor.execute(AbstractSingleCoreIOReactor.java:92)
~[httpcore5-5.3.1.jar:5.3.1]
at org.apache.hc.core5.reactor.IOReactorWorker.run(IOReactorWorker.java:44)
~[httpcore5-5.3.1.jar:5.3.1]
> Client does not send entire payload (if size ~> 2500 bytes) when hc5, TLS1.3
> are used
> -------------------------------------------------------------------------------------
>
> Key: CXF-9093
> URL: https://issues.apache.org/jira/browse/CXF-9093
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS
> Affects Versions: 4.1.0
> Reporter: John Yin
> Priority: Major
>
> With two different servers (one from ServiceNow and one from Zendesk), if my
> CXF client uses HC5 (cxf-rt-transports-http-hc5-4.1.0.jar is in classpath),
> the size of the JSON payload + HTTP headers ~> 2500 bytes, and TLS 1.3 is
> used, then the client would not send the entire payload to server. Both
> sides would idle after the SSL handshake and client sends a small packet
> until either the server closes the connection (resulting
> connectionClosedException) or client times out, depending on the server
> configuration.
> If any of the three conditions is changed, i.e., 1) not using hc5, 2)
> reducing the payload size so that payload+headers < 2000 bytes, or 3) forcing
> the use of TLS1.2, the problem would go away.
> This does not happen with every TLS1.3 server. For some TLS1.3 servers, I
> have not encountered the issue.
> I am not sure if this is a CXF client problem, but since it happens against
> two different servers, I thought I should report it to CXF. My Wireshark log
> does not reveal much info given that the data are encrypted and I do not have
> the server's private key.
> Thanks!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
