[jira] [Work logged] (KNOX-2806) Implement a new DoS security provider

Thu, 29 Sep 2022 02:47:09 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-2806?focusedWorklogId=813281&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-813281
 ]

ASF GitHub Bot logged work on KNOX-2806:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 29/Sep/22 09:46
            Start Date: 29/Sep/22 09:46
    Worklog Time Spent: 10m 
      Work Description: smolnar82 commented on PR #634:
URL: https://github.com/apache/knox/pull/634#issuecomment-1262036716

   @zeroflag - please review this one when you have time; thanks!




Issue Time Tracking
-------------------

    Worklog Id:     (was: 813281)
    Time Spent: 50m  (was: 40m)

> Implement a new DoS security provider
> -------------------------------------
>
>                 Key: KNOX-2806
>                 URL: https://issues.apache.org/jira/browse/KNOX-2806
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>    Affects Versions: 2.0.0
>            Reporter: Sandor Molnar
>            Assignee: Balazs Marton
>            Priority: Major
>             Fix For: 2.0.0
>
>          Time Spent: 50m
>  Remaining Estimate: 0h
>
> There is a need to implement a mechanism that prevents Knox from being 
> attacked using DoS (Denial of Service).
> One elegant way is to reuse Jetty's own DoS filter in a way such that it can 
> be configured as a new security provider:
>  * Maven project name: {{gateway-provider-security-dos}}
>  * Provider role: {{dos}}
>  * Provider name: {{JettyDoS}}
> In case someone wants to use this new feature, the new provider declaration 
> has to be added to the top of the providers (it must be documented). When 
> this provider is present in the topology, Jetty's DosFilter has to be 
> contributed to the filter chain. That is, a new 
> {{ProviderDeploymentContributor}} should be implemented that inserts the 
> {{org.eclipse.jetty.servlets.DoSFilter}} into each resource that is available 
> in the topology.
> References:
>  * [https://www.eclipse.org/jetty/documentation/jetty-9/index.html#dos-filter]
>  * 
> [https://archive.eclipse.org/jetty/9.0.0.RC0/apidocs/org/eclipse/jetty/servlets/DoSFilter.html]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to