[jira] [Work logged] (KNOX-2806) Implement a new DoS security provider

Thu, 22 Sep 2022 06:25:16 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-2806?focusedWorklogId=811228&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-811228
 ]

ASF GitHub Bot logged work on KNOX-2806:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 22/Sep/22 13:24
            Start Date: 22/Sep/22 13:24
    Worklog Time Spent: 10m 
      Work Description: MrtnBalazs opened a new pull request, #634:
URL: https://github.com/apache/knox/pull/634

   ## What changes were proposed in this pull request?
   
   (Please fill in changes proposed in this fix)
   
   ## How was this patch tested?
   
   




Issue Time Tracking
-------------------

            Worklog Id:     (was: 811228)
    Remaining Estimate: 0h
            Time Spent: 10m

> Implement a new DoS security provider
> -------------------------------------
>
>                 Key: KNOX-2806
>                 URL: https://issues.apache.org/jira/browse/KNOX-2806
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>    Affects Versions: 2.0.0
>            Reporter: Sandor Molnar
>            Assignee: Balazs Marton
>            Priority: Major
>             Fix For: 2.0.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> There is a need to implement a mechanism that prevents Knox from being 
> attacked using DoS (Denial of Service).
> One elegant way is to reuse Jetty's own DoS filter in a way such that it can 
> be configured as a new security provider:
>  * Maven project name: {{gateway-provider-security-dos}}
>  * Provider role: {{dos}}
>  * Provider name: {{JettyDoS}}
> In case someone wants to use this new feature, the new provider declaration 
> has to be added to the top of the providers (it must be documented). When 
> this provider is present in the topology, Jetty's DosFilter has to be 
> contributed to the filter chain. That is, a new 
> {{ProviderDeploymentContributor}} should be implemented that inserts the 
> {{org.eclipse.jetty.servlets.DoSFilter}} into each resource that is available 
> in the topology.
> References:
>  * [https://www.eclipse.org/jetty/documentation/jetty-9/index.html#dos-filter]
>  * 
> [https://archive.eclipse.org/jetty/9.0.0.RC0/apidocs/org/eclipse/jetty/servlets/DoSFilter.html]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to