Module org.eclipse.jetty.server
Package org.eclipse.jetty.server.handler

Class ThreadLimitHandler

java.lang.Object
org.eclipse.jetty.util.component.AbstractLifeCycle
org.eclipse.jetty.util.component.ContainerLifeCycle
org.eclipse.jetty.server.Handler.Abstract
org.eclipse.jetty.server.Handler.AbstractContainer
org.eclipse.jetty.server.Handler.Wrapper
org.eclipse.jetty.server.handler.ThreadLimitHandler
All Implemented Interfaces:
Handler, Handler.Container, Handler.Singleton, Request.Handler, org.eclipse.jetty.util.component.Container, org.eclipse.jetty.util.component.Destroyable, org.eclipse.jetty.util.component.Dumpable, org.eclipse.jetty.util.component.Dumpable.DumpableContainer, org.eclipse.jetty.util.component.LifeCycle, org.eclipse.jetty.util.thread.Invocable
public class ThreadLimitHandler extends Handler.Wrapper

Handler to limit the threads per IP address for DOS protection

The ThreadLimitHandler applies a limit to the number of Threads that can be used simultaneously per remote IP address.

The handler makes a determination of the remote IP separately to any that may be made by the ForwardedRequestCustomizer or similar:

  • This handler will use either only a single style of forwarded header. This is on the assumption that a trusted local proxy will produce only a single forwarded header and that any additional headers are likely from untrusted client side proxies.
  • If multiple instances of a forwarded header are provided, this handler will use the right-most instance, which will have been set from the trusted local proxy
Requests in excess of the limit will be asynchronously suspended until a thread is available.

This is a simpler alternative to DosFilter

  • Nested Class Summary

    Nested classes/interfaces inherited from class org.eclipse.jetty.server.Handler.Abstract

    Handler.Abstract.NonBlocking

    Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener, org.eclipse.jetty.util.component.AbstractLifeCycle.StopException

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

    org.eclipse.jetty.util.component.Container.InheritedListener, org.eclipse.jetty.util.component.Container.Listener

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable

    org.eclipse.jetty.util.component.Dumpable.DumpableContainer

    Nested classes/interfaces inherited from interface org.eclipse.jetty.server.Handler

    Handler.Abstract, Handler.AbstractContainer, Handler.Collection, Handler.Container, Handler.Sequence, Handler.Singleton, Handler.Wrapper

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.thread.Invocable

    org.eclipse.jetty.util.thread.Invocable.Callable, org.eclipse.jetty.util.thread.Invocable.InvocationType, org.eclipse.jetty.util.thread.Invocable.ReadyTask, org.eclipse.jetty.util.thread.Invocable.Task

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

    org.eclipse.jetty.util.component.LifeCycle.Listener

  • Field Summary

    Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    FAILED, STARTED, STARTING, STOPPED, STOPPING

    Fields inherited from interface org.eclipse.jetty.util.component.Dumpable

    KEY

    Fields inherited from interface org.eclipse.jetty.util.thread.Invocable

    __nonBlocking, NOOP

  • Constructor Summary

    Constructors
    Constructor
    Description
    ThreadLimitHandler()
     
    ThreadLimitHandler(String forwardedHeader)
     
    ThreadLimitHandler(String forwardedHeader, boolean rfc7239)
     
    ThreadLimitHandler(Handler handler, String forwardedHeader, boolean rfc7239)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    doStart()
     
    void
    exclude(String inetAddressPattern)
     
    protected String
    getRemoteIP(Request baseRequest)
     
    int
    getThreadLimit()
     
    protected int
    getThreadLimit(String ip)
     
    boolean
    handle(Request request, Response response, org.eclipse.jetty.util.Callback callback)
    Invoked to handle the passed HTTP request and response.
    void
    include(String inetAddressPattern)
     
    boolean
    isEnabled()
     
    void
    setEnabled(boolean enabled)
     
    void
    setThreadLimit(int threadLimit)
     

    Methods inherited from class org.eclipse.jetty.server.Handler.Wrapper

    getHandler, getInvocationType, setHandler

    Methods inherited from class org.eclipse.jetty.server.Handler.AbstractContainer

    findContainerOf, getDescendant, getDescendants, isDynamic, setDynamic, setServer

    Methods inherited from class org.eclipse.jetty.server.Handler.Abstract

    destroy, doStop, getServer

    Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

    addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dumpObjects, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, start, stop, unmanage, updateBean, updateBean, updateBeans, updateBeans

    Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    getEventListeners, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, setEventListeners, start, stop, toString

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    Methods inherited from interface org.eclipse.jetty.util.component.Container

    getCachedBeans, getEventListeners

    Methods inherited from interface org.eclipse.jetty.util.component.Destroyable

    destroy

    Methods inherited from interface org.eclipse.jetty.util.component.Dumpable

    dumpSelf

    Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer

    isDumpable

    Methods inherited from interface org.eclipse.jetty.server.Handler

    getServer, setServer

    Methods inherited from interface org.eclipse.jetty.server.Handler.Container

    getContainer, getDescendant, getDescendants, getDescendants

    Methods inherited from interface org.eclipse.jetty.server.Handler.Singleton

    getHandlers, getTail, insertHandler, setHandler

    Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

    addEventListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeEventListener, start, stop

  • Constructor Details

    • ThreadLimitHandler

      public ThreadLimitHandler()

    • ThreadLimitHandler

      public ThreadLimitHandler(@Name("forwardedHeader") String forwardedHeader)

    • ThreadLimitHandler

      public ThreadLimitHandler(@Name("forwardedHeader") String forwardedHeader, @Name("rfc7239") boolean rfc7239)

    • ThreadLimitHandler

      public ThreadLimitHandler(@Name("handler") Handler handler, @Name("forwardedHeader") String forwardedHeader, @Name("rfc7239") boolean rfc7239)

  • Method Details

    • doStart

      protected void doStart() throws Exception
      Overrides:
      doStart in class Handler.Abstract
      Throws:
      Exception

    • isEnabled

      @ManagedAttribute("true if this handler is enabled") public boolean isEnabled()

    • setEnabled

      public void setEnabled(boolean enabled)

    • getThreadLimit

      @ManagedAttribute("The maximum threads that can be dispatched per remote IP") public int getThreadLimit()

    • getThreadLimit

      protected int getThreadLimit(String ip)

    • setThreadLimit

      public void setThreadLimit(int threadLimit)

    • include

      @ManagedOperation("Include IP in thread limits") public void include(String inetAddressPattern)

    • exclude

      @ManagedOperation("Exclude IP from thread limits") public void exclude(String inetAddressPattern)

    • handle

      public boolean handle(Request request, Response response, org.eclipse.jetty.util.Callback callback) throws Exception
      Description copied from interface: Request.Handler

      Invoked to handle the passed HTTP request and response.

      The request is accepted by returning true, then handling must be concluded by completing the passed callback. The handling may be asynchronous, i.e. this method may return true and complete the given callback later, possibly from a different thread. If this method returns false, then the callback must not be invoked and any mutation on the response reversed.

      Exceptions thrown by this method may be subsequently handled by an error Request.Handler, if present, otherwise a default HTTP 500 error is generated and the callback completed while writing the error response.

      The simplest implementation is:

       public boolean handle(Request request, Response response, Callback callback)
 {
     callback.succeeded();
     return true;
 }

      A HelloWorld implementation is:

       public boolean handle(Request request, Response response, Callback callback)
 {
     response.write(true, ByteBuffer.wrap("Hello World\n".getBytes(StandardCharsets.UTF_8)), callback);
     return true;
 }
      Specified by:
      handle in interface Request.Handler
      Overrides:
      handle in class Handler.Wrapper
      Parameters:
      request - the HTTP request to handle
      response - the HTTP response to handle
      callback - the callback to complete when the handling is complete
      Returns:
      True if and only if the request will be handled, a response generated and the callback eventually called. This may occur within the scope of the call to this method, or asynchronously some time later. If false is returned, then this method must not generate a response, nor complete the callback.
      Throws:
      Exception - if there is a failure during the handling. Catchers cannot assume that the callback will be called and thus should attempt to complete the request as if a false had been returned.

    • getRemoteIP

      protected String getRemoteIP(Request baseRequest)