package com.yourdomain.filter; import java.io.IOException; import java.util.Date; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * */ public class LimitFilter implements Filter { static final String SESSION_LAST_ACCESS_KEY = "LimitFilter.lastAccess"; static final String SESSION_LAST_REJECT_KEY = "LimitFilter.lastReject"; static final String SESSION_ACCESS_COUNT_KEY = "LimitFilter.accessCount"; static final long thresholdTime = 3000; static final long resumeTime = 180000; static final int thresholdNum = 200; private ServletContext servletContext; /** * */ @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { try { boolean rejected = false; try { HttpSession session = ((HttpServletRequest) request).getSession(); long current = (new Date()).getTime(); if (session != null) { long lastAccess; long lastReject; int accessCount; try { lastAccess = (Long) session.getAttribute(SESSION_LAST_ACCESS_KEY); lastReject = (Long) session.getAttribute(SESSION_LAST_REJECT_KEY); accessCount = (Integer) session.getAttribute(SESSION_ACCESS_COUNT_KEY); } catch (Exception num) { lastAccess = 0; lastReject = 0; accessCount = 0; } if (((lastReject > 0) && (current - lastReject <= resumeTime)) || (accessCount > thresholdNum)) { if ((lastReject > 0) && (current - lastReject <= resumeTime)) { accessCount = 1; } lastReject = current; ((HttpServletResponse) response).sendRedirect(servletContext .getContextPath() + "/limit.html"); rejected = true; } else { if (current - lastAccess > thresholdTime) { accessCount = 1; } else { accessCount++; } lastReject = 0; } lastAccess = current; session.setAttribute(SESSION_LAST_ACCESS_KEY, lastAccess); session.setAttribute(SESSION_LAST_REJECT_KEY, lastReject); session.setAttribute(SESSION_ACCESS_COUNT_KEY, accessCount); } } catch (Exception e1) { } if (!rejected) { filterChain.doFilter(request, response); } } finally { } } /** * @param arg0 * @throws ServletException */ @Override public void init(FilterConfig arg0) throws ServletException { servletContext = arg0.getServletContext(); } }