Hi, What servlet api are you using? Is it at least 2.4?
Tamas On 3/13/07, Pierre Thibaudeau <[EMAIL PROTECTED]> wrote:
I am trying to implement a flood control mechanism to prevent robots requesting pages after pages at an "inhuman" rate. My basic idea is this: * A FirstInFirstOut List stored in the HttpSession, that records the time of the user's last 10 requests. * On each new request, a filter compares the current time with the time of the 10th previous request. If not enough time went by, redirect to a "delay page" that requires the user to press a "Continue" button. Pipe the new request and its time, and pipe out the 10th previous request. The problem with that design: in some cases, one single request from the user will go through the filters several times because of various possible internal redirects. But I only want to record the times of the requests coming directly from the user. Therefore my question: Is there a simple straightforward way, from the filter's point of view, to distinguish between a request that came from outside (from the user), from an internal request (one that came through a redirection from ActionMapping to ActionMapping)?
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]