Sample 371: Restricting Requests Based on Policies

<definitions xmlns=""> <sequence name="main"> <in> <throttle id="A"> <policy> <!-- define throttle policy --> <wsp:Policy xmlns:wsp="" xmlns:throttle=""> <throttle:ThrottleAssertion> <wsp:All> <throttle:ID throttle:type="IP">other</throttle:ID> <wsp:ExactlyOne> <wsp:All> <throttle:MaximumCount>4</throttle:MaximumCount> <throttle:UnitTime>800000</throttle:UnitTime> <throttle:ProhibitTimePeriod wsp:Optional="true">10000 </throttle:ProhibitTimePeriod> </wsp:All> <throttle:IsAllow>true</throttle:IsAllow> </wsp:ExactlyOne> </wsp:All> <wsp:All> <throttle:ID throttle:type="IP"> </throttle:ID> <wsp:ExactlyOne> <wsp:All> <throttle:MaximumCount>8</throttle:MaximumCount> <throttle:UnitTime>800000</throttle:UnitTime> <throttle:ProhibitTimePeriod wsp:Optional="true">10 </throttle:ProhibitTimePeriod> </wsp:All> <throttle:IsAllow>true</throttle:IsAllow> </wsp:ExactlyOne> </wsp:All> <wsp:All> <throttle:ID throttle:type="IP"></throttle:ID> <wsp:ExactlyOne> <wsp:All> <throttle:MaximumCount>200</throttle:MaximumCount> <throttle:UnitTime>600000</throttle:UnitTime> <throttle:ProhibitTimePeriod wsp:Optional="true"/> </wsp:All> <throttle:IsAllow>true</throttle:IsAllow> </wsp:ExactlyOne> </wsp:All> <wsp:All> <throttle:ID throttle:type="IP"></throttle:ID> <wsp:ExactlyOne> <wsp:All> <throttle:MaximumCount>50</throttle:MaximumCount> <throttle:UnitTime>500000</throttle:UnitTime> <throttle:ProhibitTimePeriod wsp:Optional="true"/> </wsp:All> <throttle:IsAllow>true</throttle:IsAllow> </wsp:ExactlyOne> </wsp:All> </throttle:ThrottleAssertion> </wsp:Policy> </policy> <onAccept> <log level="custom"> <property name="text" value="**Access Accept**"/> </log> <send> <endpoint> <address uri="http://localhost:9000/services/SimpleStockQuoteService"/> </endpoint> </send> </onAccept> <onReject> <log level="custom"> <property name="text" value="**Access Denied**"/> </log> <makefault response="true"> <code xmlns:tns="" value="tns:Receiver"/> <reason value="**Access Denied**"/> </makefault> <send/> <drop/> </onReject> </throttle> </in> <out> <throttle id="A"/> <send/> </out> </sequence> </definitions>


Demonstrate how to throttle incoming requests based on complex policies


  • Deploy the SimpleStockQuoteService in the sample Axis2 server and start Axis2
  • Start Synapse using the configuration numbered 371 (repository/conf/sample/synapse_sample_371.xml)
    Unix/Linux: sh -sample 371
    Windows: synapse.bat -sample 371

Executing the Client

Above configuration specifies a throttle mediator inside the in mediator. Therefore, all request messages directed to the main sequence will be subjected to throttling. Throttle mediator has policy, onAccept and onReject tags at the top level. Policy tag specifies the throttling policy against which all messages will be evaluated. It contains some IP address ranges and the maximum number of messages to be allowed for those ranges within a time period given in 'UnitTime' tag. 'ProhibitTimePeriod' tag specifies the time period to prohibit further requests after the received request count exceeds the specified time. Now run the client 5 times repetitively using the following command to see how throttling works.

ant stockquote -Dsymbol=IBM -Dmode=quote -Daddurl=http://localhost:8280/

For the first four requests you will get the quote prices for IBM as follows.

[java] Standard :: Stock price = $177.20143371883802

Fifth request will not be sent to the Axis2 server and the client will receive the following fault.

[java] org.apache.axis2.AxisFault: **Access Denied**

Maximum number of requests within 800000 milliseconds is specified as 4 for any server (including localhost) other than the explicitly specified ones. Therefore, our fifth request is denied by the throttle mediator. You can verify this by looking at the Synapse console.

[HttpServerWorker-1] INFO LogMediator - text = **Access Accept** [HttpServerWorker-2] INFO LogMediator - text = **Access Accept** [HttpServerWorker-3] INFO LogMediator - text = **Access Accept** [HttpServerWorker-4] INFO LogMediator - text = **Access Accept** [HttpServerWorker-5] INFO LogMediator - text = **Access Denied**

Back to Catalog