[CAMEL-12104] Unintuitive default cxf timeout behavior - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.22.0
Component/s: camel-cxf, camel-cxfrs
Labels:
None

Estimated Complexity:
Unknown

Description

There is very strange behavior in Camel cxf and cxfrs timeouts which could lead to sensitive data being released.

Below is a code sample which illustrates the unexpected behavior. I think any developer would expect the test API to return "Valid Response" or some kind exception, but in fact it returns "SENSITIVE DATA" due to the default continuationTimeout of 30 seconds.

This issue seems to have been introduced by https://issues.apache.org/jira/browse/CAMEL-7401

    public void configure() {

        from("cxf:///test?dataFormat=MESSAGE")
            .setBody(constant("SENSITIVE DATA"))
            .to("cxf://http://localhost:8003/slowApi?serviceClass=com.example.ExampleService&dataFormat=MESSAGE")
            .transform(constant("Valid Response"));

        from("cxf:///slowApi?dataFormat=MESSAGE")
            .process(new Processor(){
                @Override
                public void process(final Exchange exchange) throws Exception {
                    Thread.sleep(45000);
                }
            });
    }

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

Screen Shot 2018-02-28 at 15.20.31.png
28/Feb/18 14:21
65 kB
Claus Ibsen

Issue Links

causes

CAMEL-12409 Temporary revert CAMEL-12104 Unintuitive default cxf timeout behavior

Resolved

is blocked by

CXF-7661 add isTimeout flag for Continutation so that we can easily know when the timeout happen outside CXF

Closed

Activity

People

Assignee:: Freeman Yue Fang

Reporter:: Adam Campbell

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 27/Dec/17 18:31

Updated:: 26/Mar/18 15:56

Resolved:: 20/Mar/18 01:27