Package org.eclipse.jetty.server.handler
Class ThreadLimitHandler
java.lang.Object
org.eclipse.jetty.util.component.AbstractLifeCycle
org.eclipse.jetty.util.component.ContainerLifeCycle
org.eclipse.jetty.server.handler.AbstractHandler
org.eclipse.jetty.server.handler.AbstractHandlerContainer
org.eclipse.jetty.server.handler.HandlerWrapper
org.eclipse.jetty.server.handler.ThreadLimitHandler
- All Implemented Interfaces:
Handler
,HandlerContainer
,Container
,Destroyable
,Dumpable
,Dumpable.DumpableContainer
,LifeCycle
Handler to limit the threads per IP address for DOS protection
The ThreadLimitHandler applies a limit to the number of Threads that can be used simultaneously per remote IP address.
The handler makes a determination of the remote IP separately to
any that may be made by the ForwardedRequestCustomizer
or similar:
- This handler will use either only a single style of forwarded header. This is on the assumption that a trusted local proxy will produce only a single forwarded header and that any additional headers are likely from untrusted client side proxies.
- If multiple instances of a forwarded header are provided, this handler will use the right-most instance, which will have been set from the trusted local proxy
This is a simpler alternative to DosFilter
-
Nested Class Summary
Nested classes/interfaces inherited from class org.eclipse.jetty.server.handler.AbstractHandler
AbstractHandler.ErrorDispatchHandler
Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
AbstractLifeCycle.AbstractLifeCycleListener, AbstractLifeCycle.StopException
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container
Container.InheritedListener, Container.Listener
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable
Dumpable.DumpableContainer
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle
LifeCycle.Listener
-
Field Summary
Fields inherited from class org.eclipse.jetty.server.handler.HandlerWrapper
_handler
-
Constructor Summary
ConstructorDescriptionThreadLimitHandler
(String forwardedHeader) ThreadLimitHandler
(String forwardedHeader, boolean rfc7239) -
Method Summary
Modifier and TypeMethodDescriptionprotected void
doStart()
Starts the managed lifecycle beans in the order they were added.void
protected String
getRemoteIP
(Request baseRequest) int
protected int
getThreadLimit
(String ip) void
handle
(String target, Request baseRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Handle a request.void
boolean
void
setEnabled
(boolean enabled) void
setThreadLimit
(int threadLimit) Methods inherited from class org.eclipse.jetty.server.handler.HandlerWrapper
destroy, expandChildren, getHandler, getHandlers, insertHandler, setHandler
Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandlerContainer
expandHandler, findContainerOf, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass, setServer
Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandler
doError, doStop, getServer
Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle
addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dumpObjects, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, start, stop, unmanage, updateBean, updateBean, updateBeans, updateBeans
Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
getEventListeners, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, setEventListeners, start, stop, toString
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface org.eclipse.jetty.util.component.Container
getCachedBeans, getEventListeners
Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer
isDumpable
Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle
addEventListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeEventListener, start, stop
-
Constructor Details
-
ThreadLimitHandler
public ThreadLimitHandler() -
ThreadLimitHandler
-
ThreadLimitHandler
-
-
Method Details
-
doStart
Description copied from class:ContainerLifeCycle
Starts the managed lifecycle beans in the order they were added.- Overrides:
doStart
in classAbstractHandler
- Throws:
AbstractLifeCycle.StopException
- If thrown, the lifecycle will immediately be stopped.Exception
- If there was a problem starting. Will cause a transition to FAILED state
-
isEnabled
-
setEnabled
public void setEnabled(boolean enabled) -
getThreadLimit
@ManagedAttribute("The maximum threads that can be dispatched per remote IP") public int getThreadLimit() -
getThreadLimit
-
setThreadLimit
public void setThreadLimit(int threadLimit) -
include
-
exclude
-
handle
public void handle(String target, Request baseRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException Description copied from interface:Handler
Handle a request.- Specified by:
handle
in interfaceHandler
- Overrides:
handle
in classHandlerWrapper
- Parameters:
target
- The target of the request - either a URI or a name.baseRequest
- The original unwrapped request object.request
- The request either as theRequest
object or a wrapper of that request. The
method can be used access the Request object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getRequest()
response
- The response as theResponse
object or a wrapper of that request. The
method can be used access the Response object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getResponse()
- Throws:
IOException
- if unable to handle the request or response processingjavax.servlet.ServletException
- if unable to handle the request or response due to underlying servlet issue
-
getRemoteIP
-