add connection timeout for AJP connector

[zspitzer]

in server.xml

the local http server connection has a timeout set

<Connector port="8888" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />

but the AJP doesn't

<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443/>

the default is 60000, the other option is -1, no timeout https://tomcat.apache.org/tomcat-9.0-doc/config/http.html

[utdream]

The settings that are there are the settings that Tomcat defaults to, but I can't think of any good reason why not to add it. I considered adding the windows label since only windows uses AJP by default, but then decided against it because it will affect both platforms.

[zspitzer]

Shouldn't Lucee be in control of timeouts?

[utdream]

I don't understand the question. Lucee controls it's own timeouts, sure. but it doesn't have the ability to control the timeouts of other services.

[zspitzer]

Default in Lucee is 50s I think, so OOTB you can only increase the timeout by 10s before Apache will throw a server error

[Bilal-S]

In high load environments the connection timeout can help clean out stale tomcat connections. This is not something that lucee has insight into directly AFAIK. If not specified Tomcat will assume -1. see here: https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html and never timeout the connection thus amassing a pool of stale connections.

Stale in this context would mean that traffic at one point flowed through it but the connection state got messed up somehow and is no longer usable.

If done, this should be done in concert with webserver timeouts so that connections are similarly destroyed that are not being used.

For IIS I would set Idle Timeout (minutes) to a corresponding but slightly lower value. If Tomcat is set to 61s, IIS is set to 60s.

However, I am not sure what the right value is. In development this does not matter much, in production depending on your server issues and the way funky stuff can be programmed it could help.

[zspitzer]

Is there a way for Lucee to tell Tomcat to increase the connection timeout for a request when a request timeout is set?

[utdream]

@zspitzer Not that I know of. @Bilal-S This is great insight. Thank you.

[utdream]

IIS connection timeout appears to be 2m (for reference for AJP connector timeout) https://docs.microsoft.com/en-us/iis/configuration/system.applicationhost/sites/sitedefaults/limits

[utdream]

Updating AJP connector setting to the following to match IIS defaults, and the HTTP connectors form:

    <Connector port="@@tomcatajpport@@" protocol="AJP/1.3"
               connectionTimeout="120000"
               redirectPort="8443" />