提交 53ab24eb 编写于 作者: D dfuchs

8163520: Reuse cache entries

Reviewed-by: chegar, aefimov
上级 e31fb39f
/* /*
* Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1994, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -98,7 +98,15 @@ public class HttpClient extends NetworkClient { ...@@ -98,7 +98,15 @@ public class HttpClient extends NetworkClient {
// from previous releases. // from previous releases.
private static boolean retryPostProp = true; private static boolean retryPostProp = true;
/* Value of the system property jdk.ntlm.cache;
if false, then NTLM connections will not be cached.
The default value is 'true'. */
private static final boolean cacheNTLMProp;
volatile boolean keepingAlive = false; /* this is a keep-alive connection */ volatile boolean keepingAlive = false; /* this is a keep-alive connection */
volatile boolean disableKeepAlive;/* keep-alive has been disabled for this
connection - this will be used when
recomputing the value of keepingAlive */
int keepAliveConnections = -1; /* number of keep-alives left */ int keepAliveConnections = -1; /* number of keep-alives left */
/**Idle timeout value, in milliseconds. Zero means infinity, /**Idle timeout value, in milliseconds. Zero means infinity,
...@@ -149,6 +157,9 @@ public class HttpClient extends NetworkClient { ...@@ -149,6 +157,9 @@ public class HttpClient extends NetworkClient {
String retryPost = java.security.AccessController.doPrivileged( String retryPost = java.security.AccessController.doPrivileged(
new sun.security.action.GetPropertyAction("sun.net.http.retryPost")); new sun.security.action.GetPropertyAction("sun.net.http.retryPost"));
String cacheNTLM = java.security.AccessController.doPrivileged(
new sun.security.action.GetPropertyAction("jdk.ntlm.cache"));
if (keepAlive != null) { if (keepAlive != null) {
keepAliveProp = Boolean.valueOf(keepAlive).booleanValue(); keepAliveProp = Boolean.valueOf(keepAlive).booleanValue();
} else { } else {
...@@ -157,9 +168,15 @@ public class HttpClient extends NetworkClient { ...@@ -157,9 +168,15 @@ public class HttpClient extends NetworkClient {
if (retryPost != null) { if (retryPost != null) {
retryPostProp = Boolean.valueOf(retryPost).booleanValue(); retryPostProp = Boolean.valueOf(retryPost).booleanValue();
} else } else {
retryPostProp = true; retryPostProp = true;
}
if (cacheNTLM != null) {
cacheNTLMProp = Boolean.parseBoolean(cacheNTLM);
} else {
cacheNTLMProp = true;
}
} }
/** /**
...@@ -708,6 +725,7 @@ public class HttpClient extends NetworkClient { ...@@ -708,6 +725,7 @@ public class HttpClient extends NetworkClient {
nread += r; nread += r;
} }
String keep=null; String keep=null;
String authenticate=null;
ret = b[0] == 'H' && b[1] == 'T' ret = b[0] == 'H' && b[1] == 'T'
&& b[2] == 'T' && b[3] == 'P' && b[4] == '/' && && b[2] == 'T' && b[3] == 'P' && b[4] == '/' &&
b[5] == '1' && b[6] == '.'; b[5] == '1' && b[6] == '.';
...@@ -736,17 +754,37 @@ public class HttpClient extends NetworkClient { ...@@ -736,17 +754,37 @@ public class HttpClient extends NetworkClient {
*/ */
if (usingProxy) { // not likely a proxy will return this if (usingProxy) { // not likely a proxy will return this
keep = responses.findValue("Proxy-Connection"); keep = responses.findValue("Proxy-Connection");
authenticate = responses.findValue("Proxy-Authenticate");
} }
if (keep == null) { if (keep == null) {
keep = responses.findValue("Connection"); keep = responses.findValue("Connection");
authenticate = responses.findValue("WWW-Authenticate");
} }
// 'disableKeepAlive' starts with the value false.
// It can transition from false to true, but once true
// it stays true.
// If cacheNTLMProp is false, and disableKeepAlive is false,
// then we need to examine the response headers to figure out
// whether we are doing NTLM authentication. If we do NTLM,
// and cacheNTLMProp is false, than we can't keep this connection
// alive: we will switch disableKeepAlive to true.
boolean canKeepAlive = !disableKeepAlive;
if (canKeepAlive && cacheNTLMProp == false && authenticate != null) {
authenticate = authenticate.toLowerCase(Locale.US);
canKeepAlive = !authenticate.startsWith("ntlm ");
}
disableKeepAlive |= !canKeepAlive;
if (keep != null && keep.toLowerCase(Locale.US).equals("keep-alive")) { if (keep != null && keep.toLowerCase(Locale.US).equals("keep-alive")) {
/* some servers, notably Apache1.1, send something like: /* some servers, notably Apache1.1, send something like:
* "Keep-Alive: timeout=15, max=1" which we should respect. * "Keep-Alive: timeout=15, max=1" which we should respect.
*/ */
HeaderParser p = new HeaderParser( if (disableKeepAlive) {
keepAliveConnections = 1;
} else {
HeaderParser p = new HeaderParser(
responses.findValue("Keep-Alive")); responses.findValue("Keep-Alive"));
if (p != null) {
/* default should be larger in case of proxy */ /* default should be larger in case of proxy */
keepAliveConnections = p.findInt("max", usingProxy?50:5); keepAliveConnections = p.findInt("max", usingProxy?50:5);
keepAliveTimeout = p.findInt("timeout", usingProxy?60:5); keepAliveTimeout = p.findInt("timeout", usingProxy?60:5);
...@@ -756,7 +794,7 @@ public class HttpClient extends NetworkClient { ...@@ -756,7 +794,7 @@ public class HttpClient extends NetworkClient {
* We're talking 1.1 or later. Keep persistent until * We're talking 1.1 or later. Keep persistent until
* the server says to close. * the server says to close.
*/ */
if (keep != null) { if (keep != null || disableKeepAlive) {
/* /*
* The only Connection token we understand is close. * The only Connection token we understand is close.
* Paranoia: if there is any Connection header then * Paranoia: if there is any Connection header then
...@@ -838,7 +876,7 @@ public class HttpClient extends NetworkClient { ...@@ -838,7 +876,7 @@ public class HttpClient extends NetworkClient {
keepAliveConnections = 1; keepAliveConnections = 1;
keepingAlive = false; keepingAlive = false;
} else { } else {
keepingAlive = true; keepingAlive = !disableKeepAlive;
} }
failedOnce = false; failedOnce = false;
} else { } else {
...@@ -871,7 +909,7 @@ public class HttpClient extends NetworkClient { ...@@ -871,7 +909,7 @@ public class HttpClient extends NetworkClient {
(cl >= 0 || (cl >= 0 ||
code == HttpURLConnection.HTTP_NOT_MODIFIED || code == HttpURLConnection.HTTP_NOT_MODIFIED ||
code == HttpURLConnection.HTTP_NO_CONTENT)) { code == HttpURLConnection.HTTP_NO_CONTENT)) {
keepingAlive = true; keepingAlive = !disableKeepAlive;
failedOnce = false; failedOnce = false;
} else if (keepingAlive) { } else if (keepingAlive) {
/* Previously we were keeping alive, and now we're not. Remove /* Previously we were keeping alive, and now we're not. Remove
......
/* /*
* Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1995, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -64,8 +64,7 @@ public abstract class AuthenticationInfo extends AuthCacheValue implements Clone ...@@ -64,8 +64,7 @@ public abstract class AuthenticationInfo extends AuthCacheValue implements Clone
* repeatedly, via the Authenticator. Default is false, which means that this * repeatedly, via the Authenticator. Default is false, which means that this
* behavior is switched off. * behavior is switched off.
*/ */
static boolean serializeAuth; static final boolean serializeAuth;
static { static {
serializeAuth = java.security.AccessController.doPrivileged( serializeAuth = java.security.AccessController.doPrivileged(
new sun.security.action.GetBooleanAction( new sun.security.action.GetBooleanAction(
...@@ -105,6 +104,16 @@ public abstract class AuthenticationInfo extends AuthCacheValue implements Clone ...@@ -105,6 +104,16 @@ public abstract class AuthenticationInfo extends AuthCacheValue implements Clone
public String getProtocolScheme() { public String getProtocolScheme() {
return protocol; return protocol;
} }
/**
* Whether we should cache this instance in the AuthCache.
* This method returns {@code true} by default.
* Subclasses may override this method to add
* additional restrictions.
* @return {@code true} by default.
*/
protected boolean useAuthCache() {
return true;
}
/** /**
* requests is used to ensure that interaction with the * requests is used to ensure that interaction with the
...@@ -341,9 +350,11 @@ public abstract class AuthenticationInfo extends AuthCacheValue implements Clone ...@@ -341,9 +350,11 @@ public abstract class AuthenticationInfo extends AuthCacheValue implements Clone
*/ */
void addToCache() { void addToCache() {
String key = cacheKey(true); String key = cacheKey(true);
cache.put(key, this); if (useAuthCache()) {
if (supportsPreemptiveAuthorization()) { cache.put(key, this);
cache.put(cacheKey(false), this); if (supportsPreemptiveAuthorization()) {
cache.put(cacheKey(false), this);
}
} }
endAuthRequest(key); endAuthRequest(key);
} }
......
/* /*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -74,11 +74,15 @@ public class NTLMAuthentication extends AuthenticationInfo { ...@@ -74,11 +74,15 @@ public class NTLMAuthentication extends AuthenticationInfo {
private String hostname; private String hostname;
private static String defaultDomain; /* Domain to use if not specified by user */ private static String defaultDomain; /* Domain to use if not specified by user */
private static final boolean ntlmCache; /* Whether cache is enabled for NTLM */
static { static {
defaultDomain = java.security.AccessController.doPrivileged( defaultDomain = java.security.AccessController.doPrivileged(
new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", "")); new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", ""));
}; String ntlmCacheProp = java.security.AccessController.doPrivileged(
new sun.security.action.GetPropertyAction("jdk.ntlm.cache", "true"));
ntlmCache = Boolean.parseBoolean(ntlmCacheProp);
}
public static boolean supportsTransparentAuth () { public static boolean supportsTransparentAuth () {
return false; return false;
...@@ -167,6 +171,11 @@ public class NTLMAuthentication extends AuthenticationInfo { ...@@ -167,6 +171,11 @@ public class NTLMAuthentication extends AuthenticationInfo {
init (pw); init (pw);
} }
@Override
protected boolean useAuthCache() {
return ntlmCache && super.useAuthCache();
}
/** /**
* @return true if this authentication supports preemptive authorization * @return true if this authentication supports preemptive authorization
*/ */
...@@ -243,4 +252,3 @@ public class NTLMAuthentication extends AuthenticationInfo { ...@@ -243,4 +252,3 @@ public class NTLMAuthentication extends AuthenticationInfo {
return result; return result;
} }
} }
/* /*
* Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -50,11 +50,15 @@ public class NTLMAuthentication extends AuthenticationInfo { ...@@ -50,11 +50,15 @@ public class NTLMAuthentication extends AuthenticationInfo {
private String hostname; private String hostname;
private static String defaultDomain; /* Domain to use if not specified by user */ private static String defaultDomain; /* Domain to use if not specified by user */
private static final boolean ntlmCache; /* Whether cache is enabled for NTLM */
static { static {
defaultDomain = java.security.AccessController.doPrivileged( defaultDomain = java.security.AccessController.doPrivileged(
new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", new sun.security.action.GetPropertyAction("http.auth.ntlm.domain",
"domain")); "domain"));
String ntlmCacheProp = java.security.AccessController.doPrivileged(
new sun.security.action.GetPropertyAction("jdk.ntlm.cache", "true"));
ntlmCache = Boolean.parseBoolean(ntlmCacheProp);
}; };
private void init0() { private void init0() {
...@@ -130,6 +134,11 @@ public class NTLMAuthentication extends AuthenticationInfo { ...@@ -130,6 +134,11 @@ public class NTLMAuthentication extends AuthenticationInfo {
init (pw); init (pw);
} }
@Override
protected boolean useAuthCache() {
return ntlmCache && super.useAuthCache();
}
/** /**
* @return true if this authentication supports preemptive authorization * @return true if this authentication supports preemptive authorization
*/ */
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册