-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
All,
What are the options we might have to "punish" an HTTP client that we
don't like for some reason?
Specifically, I'd like to be able to write a servlet that ties-up the
response to the client for a while for some bad behavior. For example,
maybe lots of authentication attempts or some other criteria. Maybe
even just a single bad authentication attempt.
I'm thinking of something along these lines:
public void doGet(...) {
...
if(shouldPunishClient(...)) {
request.setAttribute("delay-client", Boolean.TRUE);
return;
}
...
}
Or maybe even specify a time-out.
Then, Tomcat observes that the servlet or filter wants to put the
response into the penalty box and, instead of flushing the response
and (possibly) closing the connection, it just sits-around for a
while, keeping the connection open.
The poller usually waits for data to become available on either end of
the connection and pushes the bytes. How complicated would it be to
put connections into a queue where they wait some amount of time
before being flushed/closed/returned to the connection pool? In this
case, the only stimulus for taking action is the passage of time, not
arrival of data on a stream.
Any thoughts about how this could be done?
Clearly, a simple Thread.sleep() would do the trick in terms of just
making the client wait, but the point would be to make the client wait
without a performance impact on the server.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlzUWrkACgkQHPApP6U8
pFg1rg/9Fe3hI2bup1VCz9MqM+ObSWQjXLJnaIsBfeZUX5p/QTz44A6sbvuwh392
tDlLMUXFUpNFuThVBT059Ypiwi8X80BCuQ313GQ4XP+AVEGrWig1cQ1MHekm2jGX
LUaREGPAG60KJXrcf8oeg+k+aXijQfwpEIjMBs1ssQT+9wKB8PZ5s8sVdxyFjZaQ
Gs54IjLVCfQBCKczOPqfPFyxtSjZX9xZsDk1dw3D912UXtYEph9oW6+8lFz9/vap
WnFn2WTPoGvwx7xMH+F+51CjGtfBTa7NEWmVWjpUzmmByMLhGAF/+1HrKtcxMbtt
xC5RDmSGbSmXlwDFHTOpGHtETUfJb/FpoBXD4S7S9vU9M/ltCsmaWprmg22d/nWu
dmWsg3V5CVMreP24b6bR2NuMkJ6qyZn1htFxm7maTEnASozNo8C7udVjj8iH9NY0
Rr51U1z7Dy8tl10Wp7wL0jvdK3uXl1qJki3rfsGHTOuBw2DP5apb9t7NaUYGAAX6
8BUNOnze1kJpB70Np6+an+i1Shps5et7yoPG26PShC2FzFYfLLmv5OcJFlmXq3zy
Y9h9V0UI34+LCc+Efzw63PP2FqINCMXOGrHpQHxFkQ3iVm2gM8Vt6mQcuHw8aXio
S6+0wA0tU8s0d4X6bWmHX1S0JA7CMX4oaeMRlrw0TRSdnC1uFiY=
=/xXV
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
