[
https://issues.apache.org/jira/browse/ZOOKEEPER-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15354433#comment-15354433
]
Edward Ribeiro commented on ZOOKEEPER-2454:
-------------------------------------------
There was a bug in my previous suggestion:
{code}
private <T> void addCnxnToLimiter(ConcurrentHashMap<T, Set<NIOServerCnxn>>
map, NIOServerCnxn cnxn, T key) {
// if key doesn't exist returns null, else returns the associated value
Set<NIOServerCnxn> cnxns = map.putIfAbsent(key, new
HashSet<NIOServerCnxn>());
if (cnxns == null) {
cnxns = map.get(key);
}
synchronized (cnxns) {
// a Set doesn't accept duplicates and the operation is
synchronized,
// so I don't think this 'if' test is really necessary
if (!cnxns.contains(cnxn)) {
cnxns.add(cnxn);
}
}
}
{code}
> Limit Connection Count based on User
> ------------------------------------
>
> Key: ZOOKEEPER-2454
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2454
> Project: ZooKeeper
> Issue Type: New Feature
> Components: server
> Reporter: Botond Hejj
> Assignee: Botond Hejj
> Priority: Minor
> Attachments: ZOOKEEPER-2454-br-3-4.patch, ZOOKEEPER-2454.patch
>
>
> ZooKeeper currently can limit connection count from clients coming from the
> same ip. It is a great feature to malfunctioning clients DOS-ing the server
> with many requests.
> I propose additional safegurads for ZooKeeper.
> It would be great if optionally connection count could be limited for a
> specific user or a specific user on an ip.
> This is great in cases where ZooKeeper ensemble is shared by multiple users
> and these users share the same client ips. This can be common in container
> based cloud deployment where external ip of multiple clients can be the same.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
