[
https://issues.apache.org/jira/browse/KNOX-2806?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17611470#comment-17611470
]
ASF subversion and git services commented on KNOX-2806:
-------------------------------------------------------
Commit c47a425a6a70669134716ce552a7cca4abb12dbe in knox's branch
refs/heads/master from MrtnBalazs
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=c47a425a6 ]
KNOX-2806 - Implement a new DoS security provider (#634)
> Implement a new DoS security provider
> -------------------------------------
>
> Key: KNOX-2806
> URL: https://issues.apache.org/jira/browse/KNOX-2806
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Affects Versions: 2.0.0
> Reporter: Sandor Molnar
> Assignee: Balazs Marton
> Priority: Major
> Fix For: 2.0.0
>
> Time Spent: 1h
> Remaining Estimate: 0h
>
> There is a need to implement a mechanism that prevents Knox from being
> attacked using DoS (Denial of Service).
> One elegant way is to reuse Jetty's own DoS filter in a way such that it can
> be configured as a new security provider:
> * Maven project name: {{gateway-provider-security-dos}}
> * Provider role: {{dos}}
> * Provider name: {{JettyDoS}}
> In case someone wants to use this new feature, the new provider declaration
> has to be added to the top of the providers (it must be documented). When
> this provider is present in the topology, Jetty's DosFilter has to be
> contributed to the filter chain. That is, a new
> {{ProviderDeploymentContributor}} should be implemented that inserts the
> {{org.eclipse.jetty.servlets.DoSFilter}} into each resource that is available
> in the topology.
> References:
> * [https://www.eclipse.org/jetty/documentation/jetty-9/index.html#dos-filter]
> *
> [https://archive.eclipse.org/jetty/9.0.0.RC0/apidocs/org/eclipse/jetty/servlets/DoSFilter.html]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
