8170814: Reuse cache entries (part II)
Reviewed-by: chegar, ahgross, weijun, aefimov, michaelm
This commit is contained in:
Daniel Fuchs
parent
d9bb0f0d39
commit
9c8183b4a4
@ -106,6 +106,11 @@ public class HttpClient extends NetworkClient {
|
||||
if false, then NTLM connections will not be cached.
|
||||
The default value is 'true'. */
|
||||
private static final boolean cacheNTLMProp;
|
||||
/* Value of the system property jdk.spnego.cache;
|
||||
if false, then connections authentified using the Negotiate/Kerberos
|
||||
scheme will not be cached.
|
||||
The default value is 'true'. */
|
||||
private static final boolean cacheSPNEGOProp;
|
||||
|
||||
volatile boolean keepingAlive; /* this is a keep-alive connection */
|
||||
volatile boolean disableKeepAlive;/* keep-alive has been disabled for this
|
||||
@ -161,6 +166,7 @@ public class HttpClient extends NetworkClient {
|
||||
String keepAlive = props.getProperty("http.keepAlive");
|
||||
String retryPost = props.getProperty("sun.net.http.retryPost");
|
||||
String cacheNTLM = props.getProperty("jdk.ntlm.cache");
|
||||
String cacheSPNEGO = props.getProperty("jdk.spnego.cache");
|
||||
|
||||
if (keepAlive != null) {
|
||||
keepAliveProp = Boolean.parseBoolean(keepAlive);
|
||||
@ -180,6 +186,11 @@ public class HttpClient extends NetworkClient {
|
||||
cacheNTLMProp = true;
|
||||
}
|
||||
|
||||
if (cacheSPNEGO != null) {
|
||||
cacheSPNEGOProp = Boolean.parseBoolean(cacheSPNEGO);
|
||||
} else {
|
||||
cacheSPNEGOProp = true;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -784,9 +795,16 @@ public class HttpClient extends NetworkClient {
|
||||
// and cacheNTLMProp is false, than we can't keep this connection
|
||||
// alive: we will switch disableKeepAlive to true.
|
||||
boolean canKeepAlive = !disableKeepAlive;
|
||||
if (canKeepAlive && cacheNTLMProp == false && authenticate != null) {
|
||||
if (canKeepAlive && (cacheNTLMProp == false || cacheSPNEGOProp == false)
|
||||
&& authenticate != null) {
|
||||
authenticate = authenticate.toLowerCase(Locale.US);
|
||||
canKeepAlive = !authenticate.startsWith("ntlm ");
|
||||
if (cacheNTLMProp == false) {
|
||||
canKeepAlive &= !authenticate.startsWith("ntlm ");
|
||||
}
|
||||
if (cacheSPNEGOProp == false) {
|
||||
canKeepAlive &= !authenticate.startsWith("negotiate ");
|
||||
canKeepAlive &= !authenticate.startsWith("kerberos ");
|
||||
}
|
||||
}
|
||||
disableKeepAlive |= !canKeepAlive;
|
||||
|
||||
|
||||
@ -34,6 +34,7 @@ import sun.net.www.HeaderParser;
|
||||
import sun.util.logging.PlatformLogger;
|
||||
import static sun.net.www.protocol.http.AuthScheme.NEGOTIATE;
|
||||
import static sun.net.www.protocol.http.AuthScheme.KERBEROS;
|
||||
import sun.security.action.GetPropertyAction;
|
||||
|
||||
/**
|
||||
* NegotiateAuthentication:
|
||||
@ -55,7 +56,14 @@ class NegotiateAuthentication extends AuthenticationInfo {
|
||||
// if it's true, a cached Negotiator is put into <code>cache</code>.
|
||||
// the cache can be used only once, so after the first use, it's cleaned.
|
||||
static HashMap <String, Boolean> supported = null;
|
||||
static HashMap <String, Negotiator> cache = null;
|
||||
static ThreadLocal <HashMap <String, Negotiator>> cache = null;
|
||||
/* Whether cache is enabled for Negotiate/Kerberos */
|
||||
private static final boolean cacheSPNEGO;
|
||||
static {
|
||||
String spnegoCacheProp =
|
||||
GetPropertyAction.privilegedGetProperty("jdk.spnego.cache", "true");
|
||||
cacheSPNEGO = Boolean.parseBoolean(spnegoCacheProp);
|
||||
}
|
||||
|
||||
// The HTTP Negotiate Helper
|
||||
private Negotiator negotiator = null;
|
||||
@ -119,8 +127,7 @@ class NegotiateAuthentication extends AuthenticationInfo {
|
||||
*/
|
||||
private static synchronized boolean isSupportedImpl(HttpCallerInfo hci) {
|
||||
if (supported == null) {
|
||||
supported = new HashMap <String, Boolean>();
|
||||
cache = new HashMap <String, Negotiator>();
|
||||
supported = new HashMap<>();
|
||||
}
|
||||
String hostname = hci.host;
|
||||
hostname = hostname.toLowerCase();
|
||||
@ -133,7 +140,15 @@ class NegotiateAuthentication extends AuthenticationInfo {
|
||||
supported.put(hostname, true);
|
||||
// the only place cache.put is called. here we can make sure
|
||||
// the object is valid and the oneToken inside is not null
|
||||
cache.put(hostname, neg);
|
||||
if (cache == null) {
|
||||
cache = new ThreadLocal<>() {
|
||||
@Override
|
||||
protected HashMap<String, Negotiator> initialValue() {
|
||||
return new HashMap<>();
|
||||
}
|
||||
};
|
||||
}
|
||||
cache.get().put(hostname, neg);
|
||||
return true;
|
||||
} else {
|
||||
supported.put(hostname, false);
|
||||
@ -141,6 +156,16 @@ class NegotiateAuthentication extends AuthenticationInfo {
|
||||
}
|
||||
}
|
||||
|
||||
private static synchronized HashMap<String, Negotiator> getCache() {
|
||||
if (cache == null) return null;
|
||||
return cache.get();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean useAuthCache() {
|
||||
return super.useAuthCache() && cacheSPNEGO;
|
||||
}
|
||||
|
||||
/**
|
||||
* Not supported. Must use the setHeaders() method
|
||||
*/
|
||||
@ -198,12 +223,11 @@ class NegotiateAuthentication extends AuthenticationInfo {
|
||||
*/
|
||||
private byte[] firstToken() throws IOException {
|
||||
negotiator = null;
|
||||
if (cache != null) {
|
||||
synchronized(cache) {
|
||||
negotiator = cache.get(getHost());
|
||||
if (negotiator != null) {
|
||||
cache.remove(getHost()); // so that it is only used once
|
||||
}
|
||||
HashMap <String, Negotiator> cachedMap = getCache();
|
||||
if (cachedMap != null) {
|
||||
negotiator = cachedMap.get(getHost());
|
||||
if (negotiator != null) {
|
||||
cachedMap.remove(getHost()); // so that it is only used once
|
||||
}
|
||||
}
|
||||
if (negotiator == null) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user