Menu
In the docs (Tomcat 7 Config), it is written:
The number of milliseconds this Connector will wait, after accepting a connection, for the request URI line to be presented. Use a value of -1 to indicate no (i.e. infinite) timeout. The default value is 60000 (i.e. 60 seconds) but note that the standard server.xml that ships with Tomcat sets this to 20000 (i.e. 20 seconds). Unless disableUploadTimeout is set to false, this timeout will also be used when reading the request body (if any).
When a client sends request to a server, it will take N milliseconds to establish a connection. If this N exceeds the connection timeout that is set on the client's end, the request will fail in the client as expected.
I'm not able to understand what Tomcat's connectionTimeout does differently. Specifically, what does "after accepting a connection, for the request URI line to be presented" means ?
752
By default, Tomcat sets maxThreads to 200, which represents the maximum number of threads allowed to run at any given time. You can also specify values for the following parameters: minSpareThreads : the minimum number of threads that should be running at all times.
connection timeout — a time period in which a client should establish a connection with a server. socket timeout — a maximum time of inactivity between two data packets when exchanging data with a server.
For particularly large models it is possible to run out of memory since the Java Virtual Machine (JVM) used by Apache Tomcat sets the maximum heap size to only 64 MB by default.
maxPostSize. The maximum size in bytes of the POST which will be handled by the container FORM URL parameter parsing. The limit can be disabled by setting this attribute to a value less than zero. If not specified, this attribute is set to 2097152 (2 megabytes).
The connectionTimeout is the limit of time after which the server will automatically close the connection with the client not the other way around. It is a way to limit the impact of a Denial Of Service Attack. Indeed a typical way to do a DOS Attack is to launch several requests on a given server, and each request will last forever making the server waits for nothing and filling up its pool of threads such that the Server won't be able to accept any new requests. Thanks to this timeout, after x milliseconds it will ignore the request considering it as a potential attack.
Here is an interesting discussion on globally the same subject that goes a little bit deeper.
198
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
