Package org.eclipse.jetty.server.handler

Class ThreadLimitHandler

  • All Implemented Interfaces:
    Handler, HandlerContainer, org.eclipse.jetty.util.component.Container, org.eclipse.jetty.util.component.Destroyable, org.eclipse.jetty.util.component.Dumpable, org.eclipse.jetty.util.component.Dumpable.DumpableContainer, org.eclipse.jetty.util.component.LifeCycle
    public class ThreadLimitHandler
extends HandlerWrapper

    Handler to limit the threads per IP address for DOS protection

    The ThreadLimitHandler applies a limit to the number of Threads that can be used simultaneously per remote IP address.

    The handler makes a determination of the remote IP separately to any that may be made by the ForwardedRequestCustomizer or similar:

    • This handler will use either only a single style of forwarded header. This is on the assumption that a trusted local proxy will produce only a single forwarded header and that any additional headers are likely from untrusted client side proxies.
    • If multiple instances of a forwarded header are provided, this handler will use the right-most instance, which will have been set from the trusted local proxy
    Requests in excess of the limit will be asynchronously suspended until a thread is available.

    This is a simpler alternative to DosFilter

    • Nested Class Summary

      • Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

        org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener

      • Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

        org.eclipse.jetty.util.component.Container.InheritedListener, org.eclipse.jetty.util.component.Container.Listener

      • Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable

        org.eclipse.jetty.util.component.Dumpable.DumpableContainer

      • Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

        org.eclipse.jetty.util.component.LifeCycle.Listener

    • Field Summary

      • Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

        FAILED, RUNNING, STARTED, STARTING, STOPPED, STOPPING

      • Fields inherited from interface org.eclipse.jetty.util.component.Dumpable

        KEY

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void doStart()  
      void exclude​(java.lang.String inetAddressPattern)  
      protected org.eclipse.jetty.server.handler.ThreadLimitHandler.Remote getRemote​(Request baseRequest)  
      protected java.lang.String getRemoteIP​(Request baseRequest)  
      int getThreadLimit()  
      protected int getThreadLimit​(java.lang.String ip)  
      void handle​(java.lang.String target, Request baseRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
      Handle a request.
      void include​(java.lang.String inetAddressPattern)  
      boolean isEnabled()  
      void setEnabled​(boolean enabled)  
      void setThreadLimit​(int threadLimit)  

      • Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

        addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dump, dump, dumpBeans, dumpObject, dumpObjects, dumpStdErr, dumpThis, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBean, updateBeans

      • Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

        addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop, toString

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

      • Methods inherited from interface org.eclipse.jetty.util.component.Dumpable

        dumpSelf

      • Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer

        isDumpable

      • Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

        addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

    • Constructor Detail

      • ThreadLimitHandler

        public ThreadLimitHandler()

      • ThreadLimitHandler

        public ThreadLimitHandler​(@Name("forwardedHeader")
                          java.lang.String forwardedHeader)

      • ThreadLimitHandler

        public ThreadLimitHandler​(@Name("forwardedHeader")
                          java.lang.String forwardedHeader,
                          @Name("rfc7239")
                          boolean rfc7239)

    • Method Detail

      • doStart

        protected void doStart()
                throws java.lang.Exception
        Overrides:
        doStart in class AbstractHandler
        Throws:
        java.lang.Exception

      • isEnabled

        @ManagedAttribute("true if this handler is enabled")
public boolean isEnabled()

      • setEnabled

        public void setEnabled​(boolean enabled)

      • getThreadLimit

        @ManagedAttribute("The maximum threads that can be dispatched per remote IP")
public int getThreadLimit()

      • setThreadLimit

        public void setThreadLimit​(int threadLimit)

      • include

        @ManagedOperation("Include IP in thread limits")
public void include​(java.lang.String inetAddressPattern)

      • exclude

        @ManagedOperation("Exclude IP from thread limits")
public void exclude​(java.lang.String inetAddressPattern)

      • handle

        public void handle​(java.lang.String target,
                   Request baseRequest,
                   javax.servlet.http.HttpServletRequest request,
                   javax.servlet.http.HttpServletResponse response)
            throws java.io.IOException,
                   javax.servlet.ServletException
        Description copied from interface: Handler
        Handle a request.
        Specified by:
        handle in interface Handler
        Overrides:
        handle in class HandlerWrapper
        Parameters:
        target - The target of the request - either a URI or a name.
        baseRequest - The original unwrapped request object.
        request - The request either as the Request object or a wrapper of that request. The HttpConnection.getCurrentConnection().getHttpChannel().getRequest() method can be used access the Request object if required.
        response - The response as the Response object or a wrapper of that request. The HttpConnection.getCurrentConnection().getHttpChannel().getResponse() method can be used access the Response object if required.
        Throws:
        java.io.IOException - if unable to handle the request or response processing
        javax.servlet.ServletException - if unable to handle the request or response due to underlying servlet issue

      • getThreadLimit

        protected int getThreadLimit​(java.lang.String ip)

      • getRemote

        protected org.eclipse.jetty.server.handler.ThreadLimitHandler.Remote getRemote​(Request baseRequest)

      • getRemoteIP

        protected java.lang.String getRemoteIP​(Request baseRequest)