[wsas-java-dev] [jira] Closed: (WSAS-208) Able to access the
services even after
engaging the throttle module with certain restrictions
Charitha Kankanamge (JIRA)
jira at wso2.org
Mon Jul 16 06:18:42 PDT 2007
[ http://www.wso2.org/jira/browse/WSAS-208?page=all ]
Charitha Kankanamge closed WSAS-208.
------------------------------------
Verified the fix in WSAS 2.0 RC2 and closed the bug.
> Able to access the services even after engaging the throttle module with certain restrictions
> ---------------------------------------------------------------------------------------------
>
> Key: WSAS-208
> URL: http://www.wso2.org/jira/browse/WSAS-208
> Project: WSO2 WSAS
> Issue Type: Bug
> Components: servlet-edition
> Affects Versions: Nightly
> Environment: Windows XP, JDK 1.5.0_06, Firefox version 1.5.0.8, Jakarta-tomcat-5.0.30
> Reporter: Evanthika Amarasiri
> Assigned To: indika kumara
> Fix For: Nightly
>
>
> Below are the steps to reproduce the error
> 1. Log in to the Management Console and go to "Modules > wso2throttle > Configure Policies"
> 2. Change the throttle module as follows (Set the throttle:IsAllow to false)
> ************************************************************************************************************************************************************************************************
> <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:Id="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" Id:Id="urn:uuid:9A0B81D1D51F9E8F6E1170725757246"><throttle:ThrottleAssertion xmlns:throttle="http://wsf/throttle">
> <wsp:All>
> <throttle:ID xmlns:type="http://wsf/throttle" type:type="IP">Other</throttle:ID>
> <wsp:ExactlyOne>
> <throttle:IsAllow>false</throttle:IsAllow>
> <wsp:All>
> <throttle:MaximumCount>5</throttle:MaximumCount>
> <throttle:UnitTime>1000</throttle:UnitTime>
> <throttle:ProhibitTimePeriod xmlns:Optional="http://schemas.xmlsoap.org/ws/2004/09/policy" Optional:Optional="true">10</throttle:ProhibitTimePeriod>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:All>
> .
> .
> .
> ************************************************************************************************************************************************************************************************
> 3. Now engage this module to a particular service
> 4. Through the "Try it" option try to access the service
> 5. You should not be able to access the service since the throttle:IsAllow parameter is set to false
> NOTE : Changed the module policy in some other ways and still was able to access the service and no restrictions were given
> E.g.:- <wsp:All>
> <throttle:MaximumCount>5</throttle:MaximumCount>
> <throttle:UnitTime>1000</throttle:UnitTime>
> <throttle:ProhibitTimePeriod xmlns:Optional="http://schemas.xmlsoap.org/ws/2004/09/policy" Optional:Optional="true">10</throttle:ProhibitTimePeriod>
> </wsp:All>
> Set the above parameters in the throttle module and was able to access the particular service more than 5 times. [Should not be able to try the operation more than 5 times]
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://www.wso2.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the Wsas-java-dev
mailing list