Hi,
I’m looking into some possible improvements for control-flow and would
like to discuss them with the community.
First, we’d like to have the ability to create control flow rules on a per
request basis, in particular, to keep track of the user that’s making them
(this is unfortunately going to be based on a pre-existing user management
system, so I won’t be able to merge into GeoServer also the user specific
portion, but at least this will make it doable later down the road).
Of course in order to work properly the flow controllers need to be long
lived, not created on the fly by the request, but we want to make
the ControlFlowConfigurator be responsible for it.
So, the ControlFlowConfigurator would be changed to switch from this:
    public interface ControlFlowConfigurator {
        /**
         * Builds the set of flow controllers to be used in the {@link ControlFlowCallback}
         */
        Collection buildFlowControllers() throws Exception;

        /**
         * Maximum time the request can be held in queue before giving up to it.
         * @return The maximum time in milliseconds. Use 0 or a negative number for no timeout
         */
        long getTimeout();

        /**
         * Returns true if the set of flow controllers changed since last invocation of
         * {@link #buildFlowControllers()}
         * @return
         */
        boolean isStale();
    }
to this:
    public interface ControlFlowConfigurator {
        /**
         * Builds the set of flow controllers to be used in the {@link ControlFlowCallback}
         */
        List getFlowControllers() throws Exception;

        /**
         * Maximum time the request can be held in queue before giving up to it.
         * @return The maximum time in milliseconds. Use 0 or a negative number for no timeout
         */
        long getTimeout();
    }
Significant changes:
- The configurator returns an already sorted list of controllers, it’s up to the configurator to
  put them in the desired order
- Since the getFlowControllers() method will be called for each request, the configurator
  will be responsible for managing the lifetime of the controllers, and the ControlFlowCallback
  will keep the list of controllers in a callback
The second change we’d like to propose is rate limiting, that is, allow controlling how many
requests per unit of time we allow, and eventually delay the excess.
The rules would look more or less like this:
    user.ows[.service[.request[.outputformat]]]=10/s;1s
    ip.ows[.service[.request[.outputformat]]]=10/s;1s
That is, we make it user or ip based, and we express a max amount of requests in a unit
of time (s, m, h, d), and then an eventual delay with a unit of measure.
Last, but not least, in case a request ends up waiting too much, we should be returning
an HTTP 429 instead of the current 403, and allow the flow controllers to add one
or more HTTP headers to the response in case the requests are getting blocked,
as a debugging facilitation (and to make it more evident that a request flow control
is in place).
Opinions?
Cheers
Andrea
–
Ing. Andrea Aime
@geowolf
Technical Lead
GeoSolutions S.A.S.
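
Added example, not part of the message above and not GeoServer code: one way to parse the proposed rate-limit rules and apply them with a long-lived, per-key counter. The names `RateRule` and `Limiter`, the optional delay, the reuse of s/m/h/d as the delay unit and the fixed-window policy are assumptions; the rule and the IP address are constructed samples.

```java
import java.util.*;
import java.util.regex.*;

// Added illustration (Java 16+): RateRule and Limiter are hypothetical, not GeoServer classes.
public class RateRuleDemo {
    // (user|ip).ows[.service[.request[.outputformat]]]=max/unit[;delay+unit]
    static final Pattern RULE = Pattern.compile(
            "(user|ip)\\.ows((?:\\.[^.=\\s]+){0,3})=(\\d+)/([smhd])(?:;(\\d+)([smhd]))?");
    static final Map<String, Long> UNIT_MS =
            Map.of("s", 1_000L, "m", 60_000L, "h", 3_600_000L, "d", 86_400_000L);

    record RateRule(String keyType, List<String> scope, int max, long windowMs, long delayMs) {
        static RateRule parse(String line) {
            Matcher m = RULE.matcher(line.trim());
            if (!m.matches()) throw new IllegalArgumentException("bad rule: " + line);
            List<String> scope = m.group(2).isEmpty()
                    ? List.of() : Arrays.asList(m.group(2).substring(1).split("\\."));
            int max = Integer.parseInt(m.group(3));
            if (max == 0) throw new IllegalArgumentException("max must be positive: " + line);
            // Assumption: the delay part is optional and uses the same s/m/h/d units.
            long delayMs = m.group(5) == null
                    ? 0L : Long.parseLong(m.group(5)) * UNIT_MS.get(m.group(6));
            return new RateRule(m.group(1), scope, max, UNIT_MS.get(m.group(4)), delayMs);
        }
    }

    // Fixed-window counter per client key (user name or IP). It must outlive single
    // requests, and a real one needs eviction so the map cannot grow without bound.
    static class Limiter {
        private final RateRule rule;
        private final Map<String, long[]> windows = new HashMap<>(); // key -> {start, count}
        Limiter(RateRule rule) { this.rule = rule; }

        // Returns 0 while the key is within its limit, else the rule's delay in ms.
        synchronized long acquire(String clientKey, long nowMs) {
            long[] w = windows.computeIfAbsent(clientKey, k -> new long[] {nowMs, 0});
            if (nowMs - w[0] >= rule.windowMs()) { w[0] = nowMs; w[1] = 0; }
            return ++w[1] <= rule.max() ? 0L : rule.delayMs();
        }
    }

    public static void main(String[] args) {
        RateRule rule = RateRule.parse("ip.ows.wms.getmap=10/s;1s"); // constructed rule
        Limiter limiter = new Limiter(rule);
        for (int i = 1; i <= 12; i++) { // 12 requests from one constructed IP, same instant
            System.out.println("request " + i + " -> delay " + limiter.acquire("192.0.2.10", 0L) + " ms");
        }
    }
}
```

With the sample rule, requests 1 to 10 get a delay of 0 ms and requests 11 and 12 get 1000 ms; a caller would compare the accumulated wait against the configured timeout to decide when to answer with HTTP 429.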