Module org.eclipse.jetty.server
Package org.eclipse.jetty.server.handler

Class ThreadLimitHandler

  • All Implemented Interfaces:
    Handler, HandlerContainer, org.eclipse.jetty.util.component.Container, org.eclipse.jetty.util.component.Destroyable, org.eclipse.jetty.util.component.Dumpable, org.eclipse.jetty.util.component.Dumpable.DumpableContainer, org.eclipse.jetty.util.component.LifeCycle
    public class ThreadLimitHandler
extends HandlerWrapper

    Handler to limit the threads per IP address for DOS protection

    The ThreadLimitHandler applies a limit to the number of Threads that can be used simultaneously per remote IP address.

    The handler makes a determination of the remote IP separately to any that may be made by the ForwardedRequestCustomizer or similar:

    • This handler will use either only a single style of forwarded header. This is on the assumption that a trusted local proxy will produce only a single forwarded header and that any additional headers are likely from untrusted client side proxies.
    • If multiple instances of a forwarded header are provided, this handler will use the right-most instance, which will have been set from the trusted local proxy
    Requests in excess of the limit will be asynchronously suspended until a thread is available.

    This is a simpler alternative to DosFilter

    • Nested Class Summary

      • Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

        org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener, org.eclipse.jetty.util.component.AbstractLifeCycle.StopException

      • Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

        org.eclipse.jetty.util.component.Container.InheritedListener, org.eclipse.jetty.util.component.Container.Listener

      • Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable

        org.eclipse.jetty.util.component.Dumpable.DumpableContainer

      • Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

        org.eclipse.jetty.util.component.LifeCycle.Listener

    • Field Summary

      • Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

        FAILED, STARTED, STARTING, STOPPED, STOPPING

      • Fields inherited from interface org.eclipse.jetty.util.component.Dumpable

        KEY

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void doStart()  
      void exclude​(java.lang.String inetAddressPattern)  
      protected java.lang.String getRemoteIP​(Request baseRequest)  
      int getThreadLimit()  
      protected int getThreadLimit​(java.lang.String ip)  
      void handle​(java.lang.String target, Request baseRequest, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
      Handle a request.
      void include​(java.lang.String inetAddressPattern)  
      boolean isEnabled()  
      void setEnabled​(boolean enabled)  
      void setThreadLimit​(int threadLimit)  

      • Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

        addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dumpObjects, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, start, stop, unmanage, updateBean, updateBean, updateBeans

      • Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

        getEventListeners, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, setEventListeners, start, stop, toString

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

      • Methods inherited from interface org.eclipse.jetty.util.component.Container

        getCachedBeans, getEventListeners

      • Methods inherited from interface org.eclipse.jetty.util.component.Dumpable

        dumpSelf

      • Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer

        isDumpable

      • Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

        addEventListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeEventListener, start, stop

    • Constructor Detail

      • ThreadLimitHandler

        public ThreadLimitHandler()

      • ThreadLimitHandler

        public ThreadLimitHandler​(@Name("forwardedHeader")
                          java.lang.String forwardedHeader)

      • ThreadLimitHandler

        public ThreadLimitHandler​(@Name("forwardedHeader")
                          java.lang.String forwardedHeader,
                          @Name("rfc7239")
                          boolean rfc7239)

    • Method Detail

      • doStart

        protected void doStart()
                throws java.lang.Exception
        Overrides:
        doStart in class AbstractHandler
        Throws:
        java.lang.Exception

      • isEnabled

        @ManagedAttribute("true if this handler is enabled")
public boolean isEnabled()

      • setEnabled

        public void setEnabled​(boolean enabled)

      • getThreadLimit

        @ManagedAttribute("The maximum threads that can be dispatched per remote IP")
public int getThreadLimit()

      • getThreadLimit

        protected int getThreadLimit​(java.lang.String ip)

      • setThreadLimit

        public void setThreadLimit​(int threadLimit)

      • include

        @ManagedOperation("Include IP in thread limits")
public void include​(java.lang.String inetAddressPattern)

      • exclude

        @ManagedOperation("Exclude IP from thread limits")
public void exclude​(java.lang.String inetAddressPattern)

      • handle

        public void handle​(java.lang.String target,
                   Request baseRequest,
                   jakarta.servlet.http.HttpServletRequest request,
                   jakarta.servlet.http.HttpServletResponse response)
            throws java.io.IOException,
                   jakarta.servlet.ServletException
        Description copied from interface: Handler
        Handle a request.
        Specified by:
        handle in interface Handler
        Overrides:
        handle in class HandlerWrapper
        Parameters:
        target - The target of the request - either a URI or a name.
        baseRequest - The original unwrapped request object.
        request - The request either as the Request object or a wrapper of that request. The HttpConnection.getCurrentConnection().getHttpChannel().getRequest() method can be used access the Request object if required.
        response - The response as the Response object or a wrapper of that request. The HttpConnection.getCurrentConnection().getHttpChannel().getResponse() method can be used access the Response object if required.
        Throws:
        java.io.IOException - if unable to handle the request or response processing
        jakarta.servlet.ServletException - if unable to handle the request or response due to underlying servlet issue

      • getRemoteIP

        protected java.lang.String getRemoteIP​(Request baseRequest)