Package org.eclipse.jetty.server.handler

Class ThreadLimitHandler

java.lang.Object

org.eclipse.jetty.util.component.AbstractLifeCycle

org.eclipse.jetty.util.component.ContainerLifeCycle

org.eclipse.jetty.server.handler.AbstractHandler

org.eclipse.jetty.server.handler.AbstractHandlerContainer

org.eclipse.jetty.server.handler.HandlerWrapper

org.eclipse.jetty.server.handler.ThreadLimitHandler

All Implemented Interfaces:

Handler, HandlerContainer, org.eclipse.jetty.util.component.Container, org.eclipse.jetty.util.component.Destroyable, org.eclipse.jetty.util.component.Dumpable, org.eclipse.jetty.util.component.LifeCycle

public class ThreadLimitHandler
extends HandlerWrapper

Handler to limit the threads per IP address for DOS protection

The ThreadLimitHandler applies a limit to the number of Threads that can be used simultaneously per remote IP address.

The handler makes a determination of the remote IP separately to any that may be made by the ForwardedRequestCustomizer or similar:

• This handler will use either only a single style of forwarded header. This is on the assumption that a trusted local proxy will produce only a single forwarded header and that any additional headers are likely from untrusted client side proxies.
• If multiple instances of a forwarded header are provided, this handler will use the right-most instance, which will have been set from the trusted local proxy

Requests in excess of the limit will be asynchronously suspended until a thread is available.

This is a simpler alternative to DosFilter

Nested Class Summary

Nested classes/interfaces inherited from class org.eclipse.jetty.server.handler.AbstractHandler

AbstractHandler.ErrorDispatchHandler

Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener

Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

org.eclipse.jetty.util.component.Container.InheritedListener, org.eclipse.jetty.util.component.Container.Listener

Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

org.eclipse.jetty.util.component.LifeCycle.Listener

Field Summary

Fields inherited from class org.eclipse.jetty.server.handler.HandlerWrapper

_handler

Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

FAILED, RUNNING, STARTED, STARTING, STOPPED, STOPPING

Fields inherited from interface org.eclipse.jetty.util.component.Dumpable

KEY

Constructor Summary

Constructors

Constructor	Description
ThreadLimitHandler()
ThreadLimitHandler(String forwardedHeader)
ThreadLimitHandler(String forwardedHeader, boolean rfc7239)

Method Summary

Modifier and Type	Method	Description
protected void	doStart()
void	exclude(String inetAddressPattern)
protected org.eclipse.jetty.server.handler.ThreadLimitHandler.Remote	getRemote(Request baseRequest)
protected String	getRemoteIP(Request baseRequest)
int	getThreadLimit()
protected int	getThreadLimit(String ip)
void	handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)	Handle a request.
void	include(String inetAddressPattern)
boolean	isEnabled()
void	setEnabled(boolean enabled)
void	setThreadLimit(int threadLimit)

Methods inherited from class org.eclipse.jetty.server.handler.HandlerWrapper

destroy, expandChildren, getHandler, getHandlers, insertHandler, setHandler

Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandlerContainer

doShutdown, expandHandler, findContainerOf, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass, setServer

Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandler

doError, doStop, getServer

Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

addBean, addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dump, dump, dumpBeans, dumpObject, dumpObjects, dumpStdErr, dumpThis, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBean, updateBeans

Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

Constructor Detail

ThreadLimitHandler

public ThreadLimitHandler()

ThreadLimitHandler

public ThreadLimitHandler(@Name("forwardedHeader")
                          String forwardedHeader)

ThreadLimitHandler

public ThreadLimitHandler(@Name("forwardedHeader")
                          String forwardedHeader,
                          @Name("rfc7239")
                          boolean rfc7239)

Method Detail

doStart

protected void doStart()
                throws Exception

Overrides:

doStart in class AbstractHandler

Throws:

Exception

isEnabled

@ManagedAttribute("true if this handler is enabled")
public boolean isEnabled()

setEnabled

public void setEnabled(boolean enabled)

getThreadLimit

@ManagedAttribute("The maximum threads that can be dispatched per remote IP")
public int getThreadLimit()

setThreadLimit

public void setThreadLimit(int threadLimit)

include

@ManagedOperation("Include IP in thread limits")
public void include(String inetAddressPattern)

exclude

@ManagedOperation("Exclude IP from thread limits")
public void exclude(String inetAddressPattern)

handle

public void handle(String target,
                   Request baseRequest,
                   HttpServletRequest request,
                   HttpServletResponse response)
            throws IOException,
                   ServletException

Description copied from interface: Handler

Handle a request.

Specified by:

handle in interface Handler

Overrides:

handle in class HandlerWrapper

Parameters:

target - The target of the request - either a URI or a name.

baseRequest - The original unwrapped request object.

request - The request either as the Request object or a wrapper of that request. The HttpConnection.getCurrentConnection().getHttpChannel().getRequest() method can be used access the Request object if required.

response - The response as the Response object or a wrapper of that request. The HttpConnection.getCurrentConnection().getHttpChannel().getResponse() method can be used access the Response object if required.

Throws:

IOException - if unable to handle the request or response processing

ServletException - if unable to handle the request or response due to underlying servlet issue

getThreadLimit

protected int getThreadLimit(String ip)

getRemote

protected org.eclipse.jetty.server.handler.ThreadLimitHandler.Remote getRemote(Request baseRequest)

getRemoteIP

protected String getRemoteIP(Request baseRequest)