Throttle HTTP request in Java Servlet
Question
In a java servlet, how can I throttle http requests coming from users based on the client's IP address? I do not want to serve more than X requests per second coming from a particular source IP address where X is configurable and having practical values in [0.1; 10] range (from 1 request in 10 sec to 10 requests per sec).
5 answers
solution1
4 2013-01-31 17:15:17
The owasp-esapi-java project, hosted at code.google.com, has an implementation of a throttle filter that you can use "as is" or use as inspiration for your own.
You can check the code at the following link:
solution2
3 2011-06-02 01:30:03
Use a servlet filter: if you're on Jetty 7.0 or higher there is this
solution3
2 2011-06-02 01:24:03
I would write a Filter for that task.
solution4
2 2011-06-02 01:57:50
As @EJP said, using a Filter with a HashMap that stores the last access time by IP address key. 10 requests a second would translate to 100ms between calls, minimum. Sending a server busy error code back and killing the request will quickly close the resources used by the connection. There are prebuilt solutions for Apache if that's an option for you.
solution5
1 2011-06-02 04:38:59
Check if the container you are using provides this kind of Denial Of Service. If no, then you would have to go with a filter.
ServletRequest.getRemoteHost() gives you access to the client IP.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.