[
https://issues.apache.org/jira/browse/SOLR-12353?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17062892#comment-17062892
]
ASF subversion and git services commented on SOLR-12353:
--------------------------------------------------------
Commit 338784214525a3c92a5c9593d2db948c7b40d3b0 in lucene-solr's branch
refs/heads/branch_8x from Erick Erickson
[ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=3387842 ]
SOLR-12353: SolrDispatchFilter expensive non-conditional debug line degrades
performance
(cherry picked from commit 5fd55d77e9f5e3da620171e4348a9450c2ee3482)
> SolrDispatchFilter expensive non-conditional debug line degrades performance
> ----------------------------------------------------------------------------
>
> Key: SOLR-12353
> URL: https://issues.apache.org/jira/browse/SOLR-12353
> Project: Solr
> Issue Type: Bug
> Components: Admin UI, Authentication, logging
> Affects Versions: 6.6.3
> Reporter: Pascal Proulx
> Assignee: Erick Erickson
> Priority: Major
>
> Hello,
> We use Solr 6.6.3. Recently on one network when switching on authentication
> (security.json) began experiencing significant delays (5-10 seconds) to
> fulfill each request to /solr index.
> I debugged the issue and it was essentially triggered by line 456 of
> SolrDispatchFilter.java:
> {code:java}
> log.debug("Request to authenticate: {}, domain: {}, port: {}", request,
> request.getLocalName(), request.getLocalPort());
> {code}
> The issue is that on machines and networks with poor configuration or DNS
> issues in particular, request.getLocalName() can trigger expensive reverse
> DNS queries for the ethernet interfaces, and will only return within
> reasonable timeframe if manually written into /etc/hosts.
> More to the point, request.getLocalName() should be considered an expensive
> operation in general, and in SolrDispatchFilter it runs unconditionally even
> if debug is disabled.
> I would suggest to either replace request.getLocalName/Port here, or at the
> least, wrap the debug operation so it doesn't affect any production systems:
> {code:java}
> if (log.isDebugEnabled()) {
> log.debug("Request to authenticate: {}, domain: {}, port: {}", request,
> request.getLocalName(), request.getLocalPort());
> }
> {code}
> The authenticateRequest method in question is private so we could not
> override it and making another HttpServletRequestWrapper to circumvent the
> servlet API was doubtful.
> Thank you
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
