@ManagedObject(value="limits exposure to abuse from request flooding, whether malicious, or as a result of a misconfigured client") public class DoSFilter extends java.lang.Object implements javax.servlet.Filter
This filter is useful for limiting exposure to abuse from request flooding, whether malicious, or as a result of a misconfigured client.
The filter keeps track of the number of requests from a connection per second. If a limit is exceeded, the request is either rejected, delayed, or throttled.
When a request is throttled, it is placed in a priority queue. Priority is given first to authenticated users and users with an HttpSession, then connections which can be identified by their IP addresses. Connections with no way to identify them are given lowest priority.
The extractUserId(ServletRequest request)
function should be
implemented, in order to uniquely identify authenticated users.
The following init parameters control the behavior of the filter:
ServletContext
attribute with the
filter name as the attribute name. This allows context external mechanism (eg JMX via ContextHandler.MANAGED_ATTRIBUTES
) to
manage the configuration of the filter.
This filter should be configured for DispatcherType.REQUEST
and DispatcherType.ASYNC
and with
<async-supported>true</async-supported>
.
Modifier and Type | Class and Description |
---|---|
private class |
DoSFilter.DoSAsyncListener |
private class |
DoSFilter.DoSTimeoutAsyncListener |
(package private) class |
DoSFilter.FixedRateTracker |
(package private) static class |
DoSFilter.RateTracker
A RateTracker is associated with a connection, and stores request rate
data.
|
Modifier and Type | Field and Description |
---|---|
private static int |
__DEFAULT_DELAY_MS |
private static long |
__DEFAULT_MAX_IDLE_TRACKER_MS_INIT_PARAM |
private static long |
__DEFAULT_MAX_REQUEST_MS_INIT_PARAM |
private static int |
__DEFAULT_MAX_REQUESTS_PER_SEC |
private static int |
__DEFAULT_MAX_WAIT_MS |
private static int |
__DEFAULT_THROTTLE |
private static long |
__DEFAULT_THROTTLE_MS |
private static java.lang.String |
__THROTTLED |
private static java.lang.String |
__TRACKER |
private javax.servlet.ServletContext |
_context |
private long |
_delayMs |
private boolean |
_enabled |
private boolean |
_insertHeaders |
private javax.servlet.AsyncListener[] |
_listeners |
private long |
_maxIdleTrackerMs |
private long |
_maxRequestMs |
private int |
_maxRequestsPerSec |
private long |
_maxWaitMs |
private java.lang.String |
_name |
private java.util.concurrent.Semaphore |
_passes |
private java.util.Queue<javax.servlet.AsyncContext>[] |
_queues |
private java.util.concurrent.ConcurrentHashMap<java.lang.String,DoSFilter.RateTracker> |
_rateTrackers |
private boolean |
_remotePort |
private java.lang.String |
_resumed |
private Scheduler |
_scheduler |
private java.lang.String |
_suspended |
private int |
_throttledRequests |
private long |
_throttleMs |
private int |
_tooManyCode |
private boolean |
_trackSessions |
private java.util.List<java.lang.String> |
_whitelist |
private static java.util.regex.Pattern |
CIDR_PATTERN |
(package private) static java.lang.String |
DELAY_MS_INIT_PARAM |
(package private) static java.lang.String |
ENABLED_INIT_PARAM |
(package private) static java.lang.String |
INSERT_HEADERS_INIT_PARAM |
(package private) static java.lang.String |
IP_WHITELIST_INIT_PARAM |
private static java.lang.String |
IPv4_GROUP |
private static java.util.regex.Pattern |
IPv4_PATTERN |
private static java.lang.String |
IPv6_GROUP |
private static java.util.regex.Pattern |
IPv6_PATTERN |
private static Logger |
LOG |
(package private) static java.lang.String |
MANAGED_ATTR_INIT_PARAM |
(package private) static java.lang.String |
MAX_IDLE_TRACKER_MS_INIT_PARAM |
(package private) static java.lang.String |
MAX_REQUEST_MS_INIT_PARAM |
(package private) static java.lang.String |
MAX_REQUESTS_PER_S_INIT_PARAM |
(package private) static java.lang.String |
MAX_WAIT_INIT_PARAM |
(package private) static java.lang.String |
NAME |
(package private) static java.lang.String |
REMOTE_PORT_INIT_PARAM |
(package private) static java.lang.String |
THROTTLE_MS_INIT_PARAM |
(package private) static java.lang.String |
THROTTLED_REQUESTS_INIT_PARAM |
(package private) static java.lang.String |
TOO_MANY_CODE |
(package private) static java.lang.String |
TRACK_SESSIONS_INIT_PARAM |
private static int |
USER_AUTH |
private static int |
USER_IP |
private static int |
USER_SESSION |
private static int |
USER_UNKNOWN |
Constructor and Description |
---|
DoSFilter() |
Modifier and Type | Method and Description |
---|---|
private byte[] |
addressToBytes(java.lang.String address) |
void |
addToRateTracker(DoSFilter.RateTracker tracker) |
private boolean |
addWhitelistAddress(java.util.List<java.lang.String> list,
java.lang.String address) |
boolean |
addWhitelistAddress(java.lang.String address)
Adds the given IP address, either in the form of a dotted decimal notation A.B.C.D
or in the CIDR notation A.B.C.D/M, to the list of whitelisted IP addresses.
|
protected boolean |
checkWhitelist(java.util.List<java.lang.String> whitelist,
java.lang.String candidate)
Deprecated.
|
protected boolean |
checkWhitelist(java.lang.String candidate) |
void |
clearWhitelist()
Clears the list of whitelisted IP addresses
|
protected void |
closeConnection(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
java.lang.Thread thread)
Deprecated.
|
private java.lang.String |
createRemotePortId(javax.servlet.ServletRequest request) |
void |
destroy() |
protected void |
doFilter(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain filterChain) |
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain filterChain) |
protected void |
doFilterChain(javax.servlet.FilterChain chain,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response) |
protected java.lang.String |
extractUserId(javax.servlet.ServletRequest request)
Returns the user id, used to track this connection.
|
long |
getDelayMs()
Get delay (in milliseconds) that is applied to all requests
over the rate limit, before they are considered at all.
|
long |
getMaxIdleTrackerMs()
Get maximum amount of time (in milliseconds) to keep track
of request rates for a connection, before deciding that
the user has gone away, and discarding it.
|
protected int |
getMaxPriority() |
long |
getMaxRequestMs()
Get maximum amount of time (in milliseconds) to allow
the request to process.
|
int |
getMaxRequestsPerSec()
Get maximum number of requests from a connection per
second.
|
long |
getMaxWaitMs()
Get maximum amount of time (in milliseconds) the filter will
blocking wait for the throttle semaphore.
|
java.lang.String |
getName()
The unique name of the filter when there is more than
one DosFilter instance.
|
protected int |
getPriority(javax.servlet.http.HttpServletRequest request,
DoSFilter.RateTracker tracker)
Get priority for this request, based on user type
|
DoSFilter.RateTracker |
getRateTracker(javax.servlet.ServletRequest request)
Return a request rate tracker associated with this connection; keeps
track of this connection's request rate.
|
int |
getThrottledRequests()
Get number of requests over the rate limit able to be
considered at once.
|
long |
getThrottleMs()
Get amount of time (in milliseconds) to async wait for semaphore.
|
int |
getTooManyCode() |
java.lang.String |
getWhitelist()
Get a list of IP addresses that will not be rate limited.
|
void |
init(javax.servlet.FilterConfig filterConfig) |
boolean |
isEnabled() |
boolean |
isInsertHeaders()
Check flag to insert the DoSFilter headers into the response.
|
boolean |
isRemotePort()
Get flag to have usage rate tracked by IP+port (effectively connection)
if session tracking is not used.
|
boolean |
isTrackSessions()
Get flag to have usage rate tracked by session if a session exists.
|
protected void |
onRequestTimeout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
java.lang.Thread handlingThread)
Invoked when the request handling exceeds
getMaxRequestMs() . |
private byte[] |
prefixToBytes(int prefix,
int length) |
void |
removeFromRateTracker(java.lang.String id) |
boolean |
removeWhitelistAddress(java.lang.String address)
Removes the given address from the list of whitelisted IP addresses.
|
void |
schedule(DoSFilter.RateTracker tracker) |
void |
setDelayMs(long value)
Set delay (in milliseconds) that is applied to all requests
over the rate limit, before they are considered at all.
|
void |
setEnabled(boolean enabled) |
void |
setInsertHeaders(boolean value)
Set flag to insert the DoSFilter headers into the response.
|
void |
setMaxIdleTrackerMs(long value)
Set maximum amount of time (in milliseconds) to keep track
of request rates for a connection, before deciding that
the user has gone away, and discarding it.
|
void |
setMaxRequestMs(long value)
Set maximum amount of time (in milliseconds) to allow
the request to process.
|
void |
setMaxRequestsPerSec(int value)
Get maximum number of requests from a connection per
second.
|
void |
setMaxWaitMs(long value)
Set maximum amount of time (in milliseconds) the filter will
blocking wait for the throttle semaphore.
|
void |
setName(java.lang.String name) |
void |
setRemotePort(boolean value)
Set flag to have usage rate tracked by IP+port (effectively connection)
if session tracking is not used.
|
void |
setThrottledRequests(int value)
Set number of requests over the rate limit able to be
considered at once.
|
void |
setThrottleMs(long value)
Set amount of time (in milliseconds) to async wait for semaphore.
|
void |
setTooManyCode(int tooManyCode) |
void |
setTrackSessions(boolean value)
Set flag to have usage rate tracked by session if a session exists.
|
void |
setWhitelist(java.lang.String commaSeparatedList)
Set a list of IP addresses that will not be rate limited.
|
protected Scheduler |
startScheduler() |
protected void |
stopScheduler() |
protected boolean |
subnetMatch(java.lang.String subnetAddress,
java.lang.String address) |
private static final Logger LOG
private static final java.lang.String IPv4_GROUP
private static final java.util.regex.Pattern IPv4_PATTERN
private static final java.lang.String IPv6_GROUP
private static final java.util.regex.Pattern IPv6_PATTERN
private static final java.util.regex.Pattern CIDR_PATTERN
private static final java.lang.String __TRACKER
private static final java.lang.String __THROTTLED
private static final int __DEFAULT_MAX_REQUESTS_PER_SEC
private static final int __DEFAULT_DELAY_MS
private static final int __DEFAULT_THROTTLE
private static final int __DEFAULT_MAX_WAIT_MS
private static final long __DEFAULT_THROTTLE_MS
private static final long __DEFAULT_MAX_REQUEST_MS_INIT_PARAM
private static final long __DEFAULT_MAX_IDLE_TRACKER_MS_INIT_PARAM
static final java.lang.String NAME
static final java.lang.String MANAGED_ATTR_INIT_PARAM
static final java.lang.String MAX_REQUESTS_PER_S_INIT_PARAM
static final java.lang.String DELAY_MS_INIT_PARAM
static final java.lang.String THROTTLED_REQUESTS_INIT_PARAM
static final java.lang.String MAX_WAIT_INIT_PARAM
static final java.lang.String THROTTLE_MS_INIT_PARAM
static final java.lang.String MAX_REQUEST_MS_INIT_PARAM
static final java.lang.String MAX_IDLE_TRACKER_MS_INIT_PARAM
static final java.lang.String INSERT_HEADERS_INIT_PARAM
static final java.lang.String TRACK_SESSIONS_INIT_PARAM
static final java.lang.String REMOTE_PORT_INIT_PARAM
static final java.lang.String IP_WHITELIST_INIT_PARAM
static final java.lang.String ENABLED_INIT_PARAM
static final java.lang.String TOO_MANY_CODE
private static final int USER_AUTH
private static final int USER_SESSION
private static final int USER_IP
private static final int USER_UNKNOWN
private final java.lang.String _suspended
private final java.lang.String _resumed
private final java.util.concurrent.ConcurrentHashMap<java.lang.String,DoSFilter.RateTracker> _rateTrackers
private final java.util.List<java.lang.String> _whitelist
private int _tooManyCode
private volatile long _delayMs
private volatile long _throttleMs
private volatile long _maxWaitMs
private volatile long _maxRequestMs
private volatile long _maxIdleTrackerMs
private volatile boolean _insertHeaders
private volatile boolean _trackSessions
private volatile boolean _remotePort
private volatile boolean _enabled
private volatile java.lang.String _name
private java.util.concurrent.Semaphore _passes
private volatile int _throttledRequests
private volatile int _maxRequestsPerSec
private java.util.Queue<javax.servlet.AsyncContext>[] _queues
private javax.servlet.AsyncListener[] _listeners
private Scheduler _scheduler
private javax.servlet.ServletContext _context
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
javax.servlet.ServletException
protected Scheduler startScheduler() throws javax.servlet.ServletException
javax.servlet.ServletException
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain) throws java.io.IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
java.io.IOException
javax.servlet.ServletException
protected void doFilter(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain) throws java.io.IOException, javax.servlet.ServletException
java.io.IOException
javax.servlet.ServletException
protected void doFilterChain(javax.servlet.FilterChain chain, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException
java.io.IOException
javax.servlet.ServletException
protected void onRequestTimeout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.Thread handlingThread)
getMaxRequestMs()
.
By default, a HTTP 503 response is returned and the handling thread is interrupted.
request
- the current requestresponse
- the current responsehandlingThread
- the handling thread@Deprecated protected void closeConnection(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.Thread thread)
onRequestTimeout(HttpServletRequest, HttpServletResponse, Thread)
insteadrequest
- the current requestresponse
- the current responsethread
- the handling threadprotected int getPriority(javax.servlet.http.HttpServletRequest request, DoSFilter.RateTracker tracker)
request
- the current requesttracker
- the rate tracker for this requestprotected int getMaxPriority()
public void schedule(DoSFilter.RateTracker tracker)
public DoSFilter.RateTracker getRateTracker(javax.servlet.ServletRequest request)
Assumes that each connection has an identifying characteristic, and goes through them in order, taking the first that matches: user id (logged in), session id, client IP address. Unidentifiable connections are lumped into one.
When a session expires, its rate tracker is automatically deleted.
request
- the current requestpublic void addToRateTracker(DoSFilter.RateTracker tracker)
public void removeFromRateTracker(java.lang.String id)
protected boolean checkWhitelist(java.lang.String candidate)
@Deprecated protected boolean checkWhitelist(java.util.List<java.lang.String> whitelist, java.lang.String candidate)
protected boolean subnetMatch(java.lang.String subnetAddress, java.lang.String address)
private byte[] addressToBytes(java.lang.String address)
private byte[] prefixToBytes(int prefix, int length)
public void destroy()
destroy
in interface javax.servlet.Filter
protected void stopScheduler()
protected java.lang.String extractUserId(javax.servlet.ServletRequest request)
request
- the current request@ManagedAttribute(value="maximum number of requests allowed from a connection per second") public int getMaxRequestsPerSec()
public void setMaxRequestsPerSec(int value)
value
- maximum number of requests@ManagedAttribute(value="delay applied to all requests over the rate limit (in ms)") public long getDelayMs()
public void setDelayMs(long value)
value
- delay (in milliseconds), 0 - no delay, -1 - reject request@ManagedAttribute(value="maximum time the filter will block waiting throttled connections, (0 for no delay, -1 to reject requests)") public long getMaxWaitMs()
public void setMaxWaitMs(long value)
value
- maximum wait time@ManagedAttribute(value="number of requests over rate limit") public int getThrottledRequests()
public void setThrottledRequests(int value)
value
- number of requests@ManagedAttribute(value="amount of time to async wait for semaphore") public long getThrottleMs()
public void setThrottleMs(long value)
value
- wait time@ManagedAttribute(value="maximum time to allow requests to process (in ms)") public long getMaxRequestMs()
public void setMaxRequestMs(long value)
value
- maximum processing time@ManagedAttribute(value="maximum time to track of request rates for connection before discarding") public long getMaxIdleTrackerMs()
public void setMaxIdleTrackerMs(long value)
value
- maximum tracking timepublic java.lang.String getName()
public void setName(java.lang.String name)
name
- the name to set@ManagedAttribute(value="inser DoSFilter headers in response") public boolean isInsertHeaders()
public void setInsertHeaders(boolean value)
value
- value of the flag@ManagedAttribute(value="usage rate is tracked by session if one exists") public boolean isTrackSessions()
public void setTrackSessions(boolean value)
value
- value of the flag@ManagedAttribute(value="usage rate is tracked by IP+port is session tracking not used") public boolean isRemotePort()
public void setRemotePort(boolean value)
value
- value of the flag@ManagedAttribute(value="whether this filter is enabled") public boolean isEnabled()
public void setEnabled(boolean enabled)
enabled
- whether this filter is enabledpublic int getTooManyCode()
public void setTooManyCode(int tooManyCode)
@ManagedAttribute(value="list of IPs that will not be rate limited") public java.lang.String getWhitelist()
public void setWhitelist(java.lang.String commaSeparatedList)
commaSeparatedList
- comma-separated whitelist@ManagedOperation(value="clears the list of IP addresses that will not be rate limited") public void clearWhitelist()
@ManagedOperation(value="adds an IP address that will not be rate limited") public boolean addWhitelistAddress(@Name(value="address") java.lang.String address)
address
- the address to addremoveWhitelistAddress(String)
private boolean addWhitelistAddress(java.util.List<java.lang.String> list, java.lang.String address)
@ManagedOperation(value="removes an IP address that will not be rate limited") public boolean removeWhitelistAddress(@Name(value="address") java.lang.String address)
address
- the address to removeaddWhitelistAddress(String)
private java.lang.String createRemotePortId(javax.servlet.ServletRequest request)