Package org.eclipse.jetty.server.handler
Class ThreadLimitHandler
- java.lang.Object
-
- org.eclipse.jetty.util.component.AbstractLifeCycle
-
- org.eclipse.jetty.util.component.ContainerLifeCycle
-
- org.eclipse.jetty.server.handler.AbstractHandler
-
- org.eclipse.jetty.server.handler.AbstractHandlerContainer
-
- org.eclipse.jetty.server.handler.HandlerWrapper
-
- org.eclipse.jetty.server.handler.ThreadLimitHandler
-
- All Implemented Interfaces:
Handler
,HandlerContainer
,Container
,Destroyable
,Dumpable
,Dumpable.DumpableContainer
,LifeCycle
public class ThreadLimitHandler extends HandlerWrapper
Handler to limit the threads per IP address for DOS protection
The ThreadLimitHandler applies a limit to the number of Threads that can be used simultaneously per remote IP address.
The handler makes a determination of the remote IP separately to any that may be made by the
ForwardedRequestCustomizer
or similar:- This handler will use either only a single style of forwarded header. This is on the assumption that a trusted local proxy will produce only a single forwarded header and that any additional headers are likely from untrusted client side proxies.
- If multiple instances of a forwarded header are provided, this handler will use the right-most instance, which will have been set from the trusted local proxy
This is a simpler alternative to DosFilter
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.eclipse.jetty.server.handler.AbstractHandler
AbstractHandler.ErrorDispatchHandler
-
Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
AbstractLifeCycle.AbstractLifeCycleListener
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container
Container.InheritedListener, Container.Listener
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable
Dumpable.DumpableContainer
-
Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle
LifeCycle.Listener
-
-
Field Summary
-
Fields inherited from class org.eclipse.jetty.server.handler.HandlerWrapper
_handler
-
-
Constructor Summary
Constructors Constructor Description ThreadLimitHandler()
ThreadLimitHandler(java.lang.String forwardedHeader)
ThreadLimitHandler(java.lang.String forwardedHeader, boolean rfc7239)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
doStart()
Starts the managed lifecycle beans in the order they were added.void
exclude(java.lang.String inetAddressPattern)
protected org.eclipse.jetty.server.handler.ThreadLimitHandler.Remote
getRemote(Request baseRequest)
protected java.lang.String
getRemoteIP(Request baseRequest)
int
getThreadLimit()
protected int
getThreadLimit(java.lang.String ip)
void
handle(java.lang.String target, Request baseRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
Handle a request.void
include(java.lang.String inetAddressPattern)
boolean
isEnabled()
void
setEnabled(boolean enabled)
void
setThreadLimit(int threadLimit)
-
Methods inherited from class org.eclipse.jetty.server.handler.HandlerWrapper
destroy, expandChildren, getHandler, getHandlers, insertHandler, setHandler
-
Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandlerContainer
doShutdown, expandHandler, findContainerOf, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass, setServer
-
Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandler
doError, doStop, getServer
-
Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle
addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dump, dump, dumpBeans, dumpObject, dumpObjects, dumpStdErr, dumpThis, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBean, updateBeans
-
Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle
addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop, toString
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer
isDumpable
-
Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
-
-
-
-
Constructor Detail
-
ThreadLimitHandler
public ThreadLimitHandler()
-
ThreadLimitHandler
public ThreadLimitHandler(@Name("forwardedHeader") java.lang.String forwardedHeader)
-
-
Method Detail
-
doStart
protected void doStart() throws java.lang.Exception
Description copied from class:ContainerLifeCycle
Starts the managed lifecycle beans in the order they were added.- Overrides:
doStart
in classAbstractHandler
- Throws:
java.lang.Exception
-
isEnabled
@ManagedAttribute("true if this handler is enabled") public boolean isEnabled()
-
setEnabled
public void setEnabled(boolean enabled)
-
getThreadLimit
@ManagedAttribute("The maximum threads that can be dispatched per remote IP") public int getThreadLimit()
-
setThreadLimit
public void setThreadLimit(int threadLimit)
-
include
@ManagedOperation("Include IP in thread limits") public void include(java.lang.String inetAddressPattern)
-
exclude
@ManagedOperation("Exclude IP from thread limits") public void exclude(java.lang.String inetAddressPattern)
-
handle
public void handle(java.lang.String target, Request baseRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException
Description copied from interface:Handler
Handle a request.- Specified by:
handle
in interfaceHandler
- Overrides:
handle
in classHandlerWrapper
- Parameters:
target
- The target of the request - either a URI or a name.baseRequest
- The original unwrapped request object.request
- The request either as theRequest
object or a wrapper of that request. The
method can be used access the Request object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getRequest()
response
- The response as theResponse
object or a wrapper of that request. The
method can be used access the Response object if required.HttpConnection.getCurrentConnection()
.getHttpChannel()
.getResponse()
- Throws:
java.io.IOException
- if unable to handle the request or response processingjavax.servlet.ServletException
- if unable to handle the request or response due to underlying servlet issue
-
getThreadLimit
protected int getThreadLimit(java.lang.String ip)
-
getRemote
protected org.eclipse.jetty.server.handler.ThreadLimitHandler.Remote getRemote(Request baseRequest)
-
getRemoteIP
protected java.lang.String getRemoteIP(Request baseRequest)
-
-