Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.
Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Task #486 (closed)

Opened 17 years ago

Closed 16 years ago

Investigate throttling users based on connections.

Reported by: jamoore Owned by: jamoore
Priority: critical Milestone: 3.0-Beta3
Component: Security Version: 3.0-Beta1
Keywords: n.a. Cc:
Resources: n.a. Referenced By: n.a.
References: n.a. Remaining Time: n.a.
Sprint: n.a.

Description

With a default postgres connection limit of about 100, it doesn't take too much (or too many threads) for a single user to DoS the server (e.g. trying to generate 100 thumbnails ASAP would do it)

During SecuritySystem.login() various checks could be performed. The question is: block or throw (and what exception)?

Change History (1)

comment:1 Changed 16 years ago by jmoore

  • Milestone changed from GatherReqs to 3.0-Beta3
  • Resolution set to fixed
  • Status changed from new to closed

Merged into #864

Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.65218 sec.)

© 2000-2014 University of Dundee & Open Microscopy Environment. Creative Commons Attribution 3.0 Unported License
OME source code is available under the GNU General public license or through commercial license from Glencoe Software

We're Hiring!