[wsas-java-dev] [jira] Created: (WSAS-208) Able to access the
services even after
engaging the throttle module with certain restrictions
Evanthika Amarasiri (JIRA)
jira at wso2.org
Mon Feb 5 22:10:17 PST 2007
Able to access the services even after engaging the throttle module with certain restrictions
---------------------------------------------------------------------------------------------
Key: WSAS-208
URL: http://www.wso2.org/jira/browse/WSAS-208
Project: WSO2 WSAS-Java
Issue Type: Bug
Components: servlet-edition
Affects Versions: Nightly
Environment: Windows XP, JDK 1.5.0_06, Firefox version 1.5.0.8, Jakarta-tomcat-5.0.30
Reporter: Evanthika Amarasiri
Assigned To: Afkham Azeez
Below are the steps to reproduce the error
1. Log in to the Management Console and go to "Modules > wso2throttle > Configure Policies"
2. Change the throttle module as follows (Set the throttle:IsAllow to false)
************************************************************************************************************************************************************************************************
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:Id="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" Id:Id="urn:uuid:9A0B81D1D51F9E8F6E1170725757246"><throttle:ThrottleAssertion xmlns:throttle="http://wsf/throttle">
<wsp:All>
<throttle:ID xmlns:type="http://wsf/throttle" type:type="IP">Other</throttle:ID>
<wsp:ExactlyOne>
<throttle:IsAllow>false</throttle:IsAllow>
<wsp:All>
<throttle:MaximumCount>5</throttle:MaximumCount>
<throttle:UnitTime>1000</throttle:UnitTime>
<throttle:ProhibitTimePeriod xmlns:Optional="http://schemas.xmlsoap.org/ws/2004/09/policy" Optional:Optional="true">10</throttle:ProhibitTimePeriod>
</wsp:All>
</wsp:ExactlyOne>
</wsp:All>
.
.
.
************************************************************************************************************************************************************************************************
3. Now engage this module to a particular service
4. Through the "Try it" option try to access the service
5. You should not be able to access the service since the throttle:IsAllow parameter is set to false
NOTE : Changed the module policy in some other ways and still was able to access the service and no restrictions were given
E.g.:- <wsp:All>
<throttle:MaximumCount>5</throttle:MaximumCount>
<throttle:UnitTime>1000</throttle:UnitTime>
<throttle:ProhibitTimePeriod xmlns:Optional="http://schemas.xmlsoap.org/ws/2004/09/policy" Optional:Optional="true">10</throttle:ProhibitTimePeriod>
</wsp:All>
Set the above parameters in the throttle module and was able to access the particular service more than 5 times. [Should not be able to try the operation more than 5 times]
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://www.wso2.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the Wsas-java-dev
mailing list