- changed status to resolved
getting RemoteJWK fails first time with read timeout
Issue #305
resolved
I am using the RemoteJWKSet to fetch the JWKs of some IdP. A lot of times we end up with socket timeout in the logs that appear to be related to a stale socket. Has this been experienced by others? Cheers Niels
Caused by: com.nimbusds.jose.RemoteKeySourceException: Couldn't retrieve remote JWK set: Read timed out
at com.nimbusds.jose.jwk.source.RemoteJWKSet.updateJWKSetFromURL(RemoteJWKSet.java:167)
at com.nimbusds.jose.jwk.source.RemoteJWKSet.get(RemoteJWKSet.java:258)
at com.example.oidc.RemoteOidcJwkProvider.get(RemoteOidcJwkProvider.java:60)
at com.example.oidc.PreConfiguredIssuerJwkLocator.get(PreConfiguredIssuerJwkLocator.java:61)
at com.nimbusds.jose.proc.JWSVerificationKeySelector.selectJWSKeys(JWSVerificationKeySelector.java:113)
at com.nimbusds.jwt.proc.DefaultJWTProcessor.process(DefaultJWTProcessor.java:323)
at com.example.oidc.BearerTokenAuthenticator.authenticate(BearerTokenAuthenticator.java:89)
... 54 common frames omitted
Caused by: java.net.SocketTimeoutException: Read timed out
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
at java.net.SocketInputStream.read(SocketInputStream.java:171)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:975)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
at com.nimbusds.jose.util.DefaultResourceRetriever.retrieveResource(DefaultResourceRetriever.java:166)
at com.nimbusds.jose.jwk.source.RemoteJWKSet.updateJWKSetFromURL(RemoteJWKSet.java:165)
... 60 common frames omitted
Comments (3)
-
-
Hi, can you please clarify - is there some API call I can use or some constructor to override the default timeout? I’m using nimbus-jose-jwt package via maven in my project at the moment.
-
- Log in to comment
Increase your timeouts in com.nimbusds.jose.jwk.source.RemoteJWKSet, from the default 250ms to a value that works for your net connection.