diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-08-01 13:14:35 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-08-01 13:14:35 +0200 |
commit | 934e113590cfe3eb2c37369c281b78cee95c4949 (patch) | |
tree | d03b291d2e41cdd98a8bd364ea2267063bfe0827 /http-utils | |
parent | f2aaaf89a0f24790ff2322b7b4f88256940c2917 (diff) |
Allow clients to re-use https connections
Diffstat (limited to 'http-utils')
-rw-r--r-- | http-utils/src/main/java/ai/vespa/util/http/VespaHttpClientBuilder.java | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/http-utils/src/main/java/ai/vespa/util/http/VespaHttpClientBuilder.java b/http-utils/src/main/java/ai/vespa/util/http/VespaHttpClientBuilder.java index 5ac6786ae30..529cfdc2aff 100644 --- a/http-utils/src/main/java/ai/vespa/util/http/VespaHttpClientBuilder.java +++ b/http-utils/src/main/java/ai/vespa/util/http/VespaHttpClientBuilder.java @@ -87,6 +87,10 @@ public class VespaHttpClientBuilder { } else { builder.setSSLSocketFactory(socketFactory); } + // Workaround that allows re-using https connections, see https://stackoverflow.com/a/42112034/1615280 for details. + // Proper solution would be to add a request interceptor that adds a x500 principal as user token, + // but certificate subject CN is not accessible through the TlsContext currently. + builder.setUserTokenHandler(context -> null); }); } |