Allow clients to re-use https connections

author: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2019-08-01 13:14:35 +0200
committer: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2019-08-01 13:14:35 +0200
commit: 934e113590cfe3eb2c37369c281b78cee95c4949 (patch)
tree: d03b291d2e41cdd98a8bd364ea2267063bfe0827 /http-utils
parent: f2aaaf89a0f24790ff2322b7b4f88256940c2917 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/http-utils/src/main/java/ai/vespa/util/http/VespaHttpClientBuilder.java b/http-utils/src/main/java/ai/vespa/util/http/VespaHttpClientBuilder.java
index 5ac6786ae30..529cfdc2aff 100644
--- a/http-utils/src/main/java/ai/vespa/util/http/VespaHttpClientBuilder.java
+++ b/http-utils/src/main/java/ai/vespa/util/http/VespaHttpClientBuilder.java
@@ -87,6 +87,10 @@ public class VespaHttpClientBuilder {
                     } else {
                         builder.setSSLSocketFactory(socketFactory);
                     }
+                    // Workaround that allows re-using https connections, see https://stackoverflow.com/a/42112034/1615280 for details.
+                    // Proper solution would be to add a request interceptor that adds a x500 principal as user token,
+                    // but certificate subject CN is not accessible through the TlsContext currently.
+                    builder.setUserTokenHandler(context -> null);
                 });
     }
author	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2019-08-01 13:14:35 +0200
committer	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2019-08-01 13:14:35 +0200
commit	934e113590cfe3eb2c37369c281b78cee95c4949 (patch)
tree	d03b291d2e41cdd98a8bd364ea2267063bfe0827 /http-utils
parent	f2aaaf89a0f24790ff2322b7b4f88256940c2917 (diff)