CXF web service throttling
Question
I'm new to CXF and I would like to know if it has any build-in mechanism that would allow limiting the number of concurrent calls to the web service, thus addressing the possibility of a DoS attack? Something similar to this feature of WCF?
1 answers
solution1
4 ACCPTED 2011-05-16 16:45:19
CXF has some ability to do some of this out of the box. CXF endpoints can have a factory configured on the invoker which is used to obtain the Object that is invoked upon. Out of the box, there is a PooledFactory that can maintain a pool of instances. It can be set to not create additional instances beyond the max and thus wait until more are freed up. That can throttle things a bit. You can configure this via spring config or via an annotation on the impl:
@FactoryType(value=FactoryType.Type.POOLED, args={"25"})
(25 is the max size of the pool)
However, this is very late in the processing. By the time it reaches there, all the XML has been parsed, jaxb objects created, etc... For DOS, you'd likely want to stop earlier. You can implement an interceptor that would live early in the chain that would keep a count stored on the endpoint. Increment and check on the incoming chain, decrement on the outgoing chain.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.