[jira] [Commented] (SOLR-12353) SolrDispatchFilter expensive non-conditional debug line degrades performance

[ASF subversion and git services (Jira)]

    [ 
https://issues.apache.org/jira/browse/SOLR-12353?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17062889#comment-17062889
 ] 

ASF subversion and git services commented on SOLR-12353:
--------------------------------------------------------

Commit 5fd55d77e9f5e3da620171e4348a9450c2ee3482 in lucene-solr's branch 
refs/heads/master from Erick Erickson
[ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=5fd55d7 ]

SOLR-12353: SolrDispatchFilter expensive non-conditional debug line degrades 
performance


> SolrDispatchFilter expensive non-conditional debug line degrades performance
> ----------------------------------------------------------------------------
>
>                 Key: SOLR-12353
>                 URL: https://issues.apache.org/jira/browse/SOLR-12353
>             Project: Solr
>          Issue Type: Bug
>          Components: Admin UI, Authentication, logging
>    Affects Versions: 6.6.3
>            Reporter: Pascal Proulx
>            Assignee: Erick Erickson
>            Priority: Major
>
> Hello,
> We use Solr 6.6.3. Recently on one network when switching on authentication 
> (security.json) began experiencing significant delays (5-10 seconds) to 
> fulfill each request to /solr index.
> I debugged the issue and it was essentially triggered by line 456 of 
> SolrDispatchFilter.java:
> {code:java}
> log.debug("Request to authenticate: {}, domain: {}, port: {}", request, 
> request.getLocalName(), request.getLocalPort());
> {code}
> The issue is that on machines and networks with poor configuration or DNS 
> issues in particular, request.getLocalName() can trigger expensive reverse 
> DNS queries for the ethernet interfaces, and will only return within 
> reasonable timeframe if manually written into /etc/hosts.
> More to the point, request.getLocalName() should be considered an expensive 
> operation in general, and in SolrDispatchFilter it runs unconditionally even 
> if debug is disabled.
> I would suggest to either replace request.getLocalName/Port here, or at the 
> least, wrap the debug operation so it doesn't affect any production systems:
> {code:java}
> if (log.isDebugEnabled()) {
>     log.debug("Request to authenticate: {}, domain: {}, port: {}", request, 
> request.getLocalName(), request.getLocalPort());
> }
> {code}
> The authenticateRequest method in question is private so we could not 
> override it and making another HttpServletRequestWrapper to circumvent the 
> servlet API was doubtful.
> Thank you
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org