[
https://issues.apache.org/jira/browse/ZOOKEEPER-2454?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15355207#comment-15355207
]
Botond Hejj commented on ZOOKEEPER-2454:
----------------------------------------
Good point.
We could call this than limiting by id. All the auth plugins have id field
already. I understand that id might be not equal to user all the time and maybe
some auth plugins are not based on user at all.
In digest you point out that user is different than the id which is true but
actually a user maps to a single id so using id instead of user leads to the
same result.
> Limit Connection Count based on User
> ------------------------------------
>
> Key: ZOOKEEPER-2454
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2454
> Project: ZooKeeper
> Issue Type: New Feature
> Components: server
> Reporter: Botond Hejj
> Assignee: Botond Hejj
> Priority: Minor
> Attachments: ZOOKEEPER-2454-br-3-4.patch, ZOOKEEPER-2454.patch
>
>
> ZooKeeper currently can limit connection count from clients coming from the
> same ip. It is a great feature to malfunctioning clients DOS-ing the server
> with many requests.
> I propose additional safegurads for ZooKeeper.
> It would be great if optionally connection count could be limited for a
> specific user or a specific user on an ip.
> This is great in cases where ZooKeeper ensemble is shared by multiple users
> and these users share the same client ips. This can be common in container
> based cloud deployment where external ip of multiple clients can be the same.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
