File Downloads Slow when processed through Secure Proxy Server
search cancel

File Downloads Slow when processed through Secure Proxy Server

book

Article ID: 6810

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Downloading files through SPS slow, 60 MB file without going through SPS takes 1 second, with SPS over 100 seconds 

Environment

SPS Version: 12.52 0102.766 SPS O/S: Redhat 6 Policy Server version: 12.52 0102.766 PS O/S: Redhat

Cause

 CA Support setup similar environment demonstrating the difference between download through SPS and downloading directly – AWS may present is’ own slowness - below is the architecture design of SPS - slowness is since at the Tomcat Servet Container

 

 

<Please see attached file for image>

sps.png

The proxy server processing of large compressed file downloads result of the delays.  When going through Tomcat container portion of SPS it transmit data in block sizes of 4k.

 

Resolution

 

The block size is defined the server.conf virtual section this can be adjust to fine the size the works best (NOTE Large block size is not necessarily the best approach for performance.

<VirtualHost name="default">

       hostnames="lodbl511vm032.mysite.com"

       defaultsessionscheme="default"

       requestblocksize="8"

       responseblocksize="4"

</VirtualHost>

 

Supports/dev testing showed that in our environment  block sizes as flowed show the quickest downloads:

       requestblocksize="4"

       responseblocksize="3"

 

WebAgent trace file log of request:

[ProxyServlet::service][*** de288133 *** Tomcat Buffer size: 8184]

[ProxyServlet::service][*** de288133 *** response block size: 3072]

[Noodle::service][Method is: GET Content length is: 0]

[addRequestHeaders][Need to preseve Proxy HOST Header.Sending Proxy Host to the backend web server]

[execute][Sending request to backend = lodbl509vm026.ca.com:8080 url = http://lodbl509vm026.ca.com:8080/servlet/DownloadFileServlet]

[requestConnection(): ][Get connection: HttpRoute[{}->http://lodbl509vm026.ca.com:8080], timeout = 30000]

[openConnection()][Connecting to lodbl509vm026.ca.com/10.130.158.81:8080]

[execute][Response status code from backend webserver is 200]

[Noodle::doGet][Noodle.proxyRequest succeeded.  Writing out response data if available]

 

[releaseConnection(): ][Released connection is reusable.]

Additional Information

Supporting data:

HTTP Access log 102 seconds

14368 8500 10.101.83.22 [12/Apr/2017:10:51:05 -0700] 102 102169638 - - "GET /home/214 HTTP/1.1" 200 53555442 "-" "-"

 

MOD_JK

[Wed Apr 12 10:52:47.592 2017] ajp13 myserver.com 102.169369 GET HTTP/1.1 8500 /home/214 200

 

 

WebAgent trace:  request took 102 seconds to download – the delay is between

--- Start Transaction --------------

Time Taken :102 sec

[04/12/2017][10:51:05][14356][106503024][Entering the agent.][89fbe0ce-1209dce3-d1b48a88-430f0ddb-cbb46233][ProxyValve::invoke]

[04/12/2017][10:51:05][14356][106503024][Virtual Host: virtual.myserver.com][89fbe0ce-1209dce3-d1b48a88-430f0ddb-cbb46233][ProxyValve::invoke]

.

[04/12/2017][10:51:05][14356][106503024][Noodle.proxyRequest succeeded.  Writing out response data if available][89fbe0ce-1209dce3-d1b48a88-430f0ddb-cbb46233][Noodle::doGet]

[04/12/2017][10:52:47][14356][106503024][Released connection is reusable.][89fbe0ce-1209dce3-d1b48a88-430f0ddb-cbb46233][releaseConnection(): ]

[04/12/2017][10:52:47][14356][106503024][Returned streamed content length of 53555442][89fbe0ce-1209dce3-d1b48a88-430f0ddb-cbb46233][Noodle::doGet]

 

--- End Transaction --------------

Attachments

1558702883093000006810_sktwi1f5rjvs16q0z.png get_app
Powered by Wolken Software