You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Bound HTTP client timeouts and reclaim pooled connections
Fixes connection-pool exhaustion: a stalled read on the end-user
backend route was held indefinitely because the pooled HTTP clients
had no socket/read timeout (Apache default SO_TIMEOUT = 0 = infinite).
The worker thread blocked inside the read and never reached
Response.close(), so the leased connection was never returned. With
connectionRequestTimeout also unset, new requests blocked forever
waiting for a lease instead of failing fast, wedging the listener.
Application.getClient()/getNoCertClient():
- set socket (read) and connect timeouts on the RequestConfig
- always set connectionRequestTimeout (default 30s) so lease waits
fail fast instead of blocking forever
- give pooled connections a TTL and revalidate after inactivity so
stuck/stale connections are reclaimed
- timeouts exposed as named constants for tuning
SignUp: close the PublicKey/Agent/Authorization client Responses on
all paths (defense-in-depth; these leaked on the admin signup path).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
/** Default socket (read) timeout in milliseconds for pooled HTTP client connections. Bounds stalled reads so a hung connection cannot be held indefinitely. */
/** Default timeout in milliseconds to wait for a connection lease from the pool before failing fast. Used when no explicit connectionRequestTimeout is configured. */
0 commit comments