tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: Limit user sessions in tomcat
Date Tue, 15 Dec 2009 17:01:09 GMT
Caldarale, Charles R wrote:
>> From: Chetan Chheda []
>> Subject: Limit user sessions in tomcat
>> Is there a way through configuation of tomcat and mod_jk to control
>> the number of concurrent transactions/sessions a user can maintain?
> Don't know about what you might be able to configure in httpd, but in Tomcat this is
frequently done with a filter in conjunction with an HttpSessionListener to insure a user
session is being used by an excessive number of concurrent requests.  This keeps the throttling
independent of the logic in the webapp.
There exist a couple of add-on filter modules at the Apache level to 
handle that kind of thing.  It might be better to do it at the earliest 
possible level, before you even hit mod_jk or Tomcat.

On another level, I don't quite understand yet how this squares with the 
fact that most browsers will not establish more than 2 connections with 
the same webserver at the same time.  It seems a bit difficult to 
imagine that one single user can "crash" a Tomcat just by repeatedly 
hitting the same link.
Maybe the OP should just find that user and tell him to stop doing that.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message