HTTP PassThrough Transport is a non-blocking HTTP transport implementation based on HTTP Core NIO, and is the default HTTP transport shipped with WSO2 ESB. Although the HTTP PassThrough Transport is somewhat similar to the NHTTP transport, it overcomes all the limitations of the NHTTP transport and provides a significant performance gain. The HTTP PassThrough Transport also has a simpler and cleaner model for forwarding messages back and forth.
org.apache.synapse.transport.passthru.PassThroughHttpSSLListener is the listener class of the HTTP PassThrough Transport, and it receives HTTPS inbound requests.
org.apache.synapse.transport.passthru.PassThroughHttpSSLSender is the sender class of the HTTP PassThrough Transport, and it sends out HTTPS outbound requests. Both the listener and sender of the HTTP PassThrough Transport can verify certificate revocation.
Verifying certificate revocation
org.apache.synapse.transport.passthru.PassThroughHttpSSLListener as well as org.apache.synapse.transport.passthru.PassThroughHttpSSLSender can verify with the certificate authority whether a certificate is still trusted before it completes an SSL connection. If the certificate authority has revoked the certificate, the connection will not be completed. To enable this feature, you need to add the CertificateRevocationVerifier parameter to the receiver or sender in the <EI_HOME>/conf/axis2/axis2.xml file.
...
The response from the certificate authority includes the verification and the duration for which the verification is valid. To prevent any performance overhead of continuous HTTP calls, this verification response is cached for the duration specified by the certificate authority, so that subsequent verification calls are not required until the response has expired. There are two Least Recently Used (LRU) in-memory caches for OCSP and CRL, which are automatically managed by a dedicated CacheManager thread for each cache. These CacheManagers update expired cache entries and maintain the LRU cache replacement policy.
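The caching behavior described above can be sketched as follows. This is an added example, not code from WSO2 or Synapse: the class, record and method names are hypothetical, the certificate serials and timestamps are constructed, and expired entries are refreshed on lookup rather than by a separate CacheManager thread.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.function.BiFunction;

// Hypothetical names throughout; this is not the Synapse implementation.
public class RevocationCacheDemo {
    enum Status { GOOD, REVOKED }
    // The CA's answer plus the instant until which the CA says it may be reused.
    record Verdict(Status status, Instant validUntil) {}

    static class RevocationCache {
        private final Map<String, Verdict> lru;

        RevocationCache(int capacity) {
            // accessOrder=true orders entries from least to most recently used.
            this.lru = new LinkedHashMap<>(16, 0.75f, true) {
                @Override
                protected boolean removeEldestEntry(Map.Entry<String, Verdict> eldest) {
                    return size() > capacity; // evict the least recently used entry
                }
            };
        }

        // Serve a cached verdict while it is fresh; otherwise ask the CA again.
        synchronized Verdict check(String serial, Instant now,
                                   BiFunction<String, Instant, Verdict> askCa) {
            Verdict v = lru.get(serial);
            if (v == null || !now.isBefore(v.validUntil())) {
                v = askCa.apply(serial, now);
                lru.put(serial, v);
            }
            return v;
        }
    }

    public static void main(String[] args) {
        int[] caCalls = {0};
        Instant t0 = Instant.parse("2024-01-01T00:00:00Z"); // constructed sample time
        // Stand-in for an OCSP/CRL lookup: every answer is valid for one hour.
        BiFunction<String, Instant, Verdict> ca = (serial, now) -> {
            caCalls[0]++;
            return new Verdict(Status.GOOD, now.plus(Duration.ofHours(1)));
        };
        RevocationCache cache = new RevocationCache(2);
        cache.check("0A01", t0, ca);                              // miss: asks the CA
        cache.check("0A01", t0.plus(Duration.ofMinutes(30)), ca); // fresh: served from cache
        cache.check("0A01", t0.plus(Duration.ofHours(2)), ca);    // expired: asks the CA again
        cache.check("0A02", t0.plus(Duration.ofHours(2)), ca);    // miss: asks the CA
        cache.check("0A03", t0.plus(Duration.ofHours(2)), ca);    // miss: evicts 0A01 (LRU)
        System.out.println("CA lookups performed: " + caCalls[0]);
    }
}
```

A certificate revoked while its verdict is still cached continues to be reported as GOOD until the entry expires, which is the trade-off this kind of cache makes for fewer calls to the certificate authority.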
Connection throttling
With the HTTP PassThrough and HTTP NIO transports, you can enable connection throttling to restrict the number of simultaneous open connections. To enable connection throttling, edit the
This will restrict simultaneous open incoming connections to 2. To disable throttling, delete the