앱)대량호출 방어로직 및 checkusersession
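/**
 * Checks that the caller has an authenticated session and applies a simple
 * per-session burst limit; on failure it writes the response itself.
 *
 * <p>Flow:
 * <ol>
 *   <li>The caller is "logged in" when the session holds a {@code USERINFO}
 *       attribute whose user ID is non-null.</li>
 *   <li>Requests are counted per session (attribute keyed by the session id).
 *       Calls arriving within one second of the first call of a burst raise the
 *       counter; once it reaches the configured threshold the counter is cleared
 *       and the client is redirected to the login page.</li>
 *   <li>Anonymous callers get 403 when the {@code AJAX} request header equals
 *       {@code "true"}, otherwise a redirect to the login page.</li>
 * </ol>
 *
 * <p>Because the counter lives in the HTTP session, the limit only covers clients
 * that keep presenting the same session cookie; a client that drops the cookie
 * receives a fresh session (and a fresh counter) on every request. Treat this as
 * a convenience guard, not as a substitute for server-side or per-client rate
 * limiting.
 *
 * <p>The method returns {@code void}, so callers cannot tell whether a redirect or
 * error has already been committed; they must not write further output after
 * calling it.
 *
 * @param request  the current request; a session is created if none exists
 * @param response the response that receives a redirect or 403 on failure
 * @throws NumberFormatException if the configured access-count threshold is not an integer
 */
public static void checkUserSession(HttpServletRequest request, HttpServletResponse response) {
    // getSession() creates a session when none exists, so null is not expected here;
    // the guard is kept for parity with the previous behaviour.
    HttpSession session = request.getSession();
    boolean isLogin = false;
    if (session != null) {
        isLogin = isSessionLoggedIn(session);
        if (exceedsAccessLimit(session)) {
            logger("to many access, redirect to login page");
            // NOTE(review): the original comment says the session should be invalidated here,
            // but only the burst counter is cleared — the login state survives. Confirm intent.
            session.removeAttribute(session.getId());
            sendLoginRedirect(request, response);
            // Return unconditionally: previously the return sat inside the try, so a failed
            // redirect fell through into the counter update and the login check.
            return;
        }
    }
    if (!isLogin) {
        sendUnauthenticatedResponse(request, response);
    }
}

/** True when the session carries a {@code USERINFO} attribute with a non-null user ID. */
private static boolean isSessionLoggedIn(HttpSession session) {
    UserInfoVO user = (UserInfoVO) session.getAttribute("USERINFO");
    return user != null && user.getUserID() != null;
}

/**
 * Updates the per-session burst counter and reports whether the configured
 * threshold has been reached. The counter is not modified when it reports true.
 *
 * @param session the session whose counter is read and updated
 * @return {@code true} when the stored count is at or above the threshold
 * @throws NumberFormatException if the configured threshold is not an integer
 */
@SuppressWarnings("unchecked")
private static boolean exceedsAccessLimit(HttpSession session) {
    // Keyed by the session id, so the attribute lives and dies with the session.
    String key = session.getId();
    Map<String, Object> map = (Map<String, Object>) session.getAttribute(key);
    long now = System.currentTimeMillis();
    if (map == null) {
        map = new HashMap<String, Object>();
        map.put("rat", now); // recent access time: start of the current one-second window
        map.put("rac", 1);   // recent access count within that window
        session.setAttribute(key, map);
        return false;
    }
    long recentAccessTime = (Long) map.get("rat");
    int accessCount = (Integer) map.get("rac");
    // NOTE(review): the rest of this method uses CommConfig; ComConfig here may be a typo — confirm.
    int tooManyAccessCnt = Integer.parseInt(ComConfig.getAccessCount());
    if (accessCount >= tooManyAccessCnt) {
        return true;
    }
    if (now - recentAccessTime <= 1000) {
        accessCount++;   // still inside the window opened by the first call of the burst
    } else {
        accessCount = 1; // window expired: start a new one (was a typo, "accountCount")
        map.put("rat", now);
    }
    map.put("rac", accessCount);
    session.setAttribute(key, map); // was a typo, "amp"
    return false;
}

/** Builds the login URL; the leading slash was missing on the throttle path before. */
private static String loginUrl(HttpServletRequest request) {
    return CommConfig.getBaseUrl() + request.getContextPath() + "/login/intro.do";
}

/** Redirects to the login page; a failed write is logged instead of being silently dropped. */
private static void sendLoginRedirect(HttpServletRequest request, HttpServletResponse response) {
    try {
        response.sendRedirect(loginUrl(request));
    } catch (java.io.IOException e) {
        logger("redirect to login page failed: " + e);
    }
}

/**
 * Answers an unauthenticated caller: 403 for requests flagged with the
 * {@code AJAX: true} header (so script callers are not bounced to an HTML page),
 * otherwise a redirect to the login page.
 */
private static void sendUnauthenticatedResponse(HttpServletRequest request, HttpServletResponse response) {
    if ("true".equals(request.getHeader("AJAX"))) {
        try {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
        } catch (java.io.IOException e) {
            logger("sending 403 failed: " + e);
        }
    } else {
        sendLoginRedirect(request, response);
    }
}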
// NOTE(review): this is a second copy of the checkUserSession body (the method signature
// is missing), kept as pasted. It carries the same defects as the method above:
// "@SupressWarnings" is misspelled, "catch(){" has no exception type, "accountCount" and
// "amp" are undeclared (accessCount / map intended), the throttle redirect lacks the
// leading "/" before "login/intro.do", and a failed sendRedirect falls through past "return".
boolean isLogin = false;
HttpSession session = request.getSession();
if(session != null){
// Logged in when USERINFO holds a user with a non-null user ID.
UserInfoVO user = (UserInfoVO)session.getAttribute("USERINFO");
if(user!= null && user.getUserID() != null){
isLogin = true;
}
// Mass-call defence: a burst counter stored in the session, keyed by the session id.
// Because it lives in the session, a client that drops its cookie gets a new counter each request.
@SupressWarnings("unchecked")
Map<String, Object> map = (Map<String, Object>) session.getAttribute(session.getId());
if(map == null){
map = new HashMap<String, Object>();
map.put("rat", System.currentTimeMillis());
map.put("rac",1);
session.setAttribute(session.getId(), map);
}else{
// Read the recent access time (rat) and the recent consecutive-call count (rac).
long recentAccessTime = (Long) map.get("rat");//recent access time
int accessCount = (Integer) map.get("rac"); //recent access count
// NOTE(review): ComConfig vs CommConfig below — probably one class misspelled; confirm.
int tooManyAccessCnt = Integer.parseInt(ComConfig.getAccessCount());
// If the consecutive-call count reaches the threshold, clear the counter and redirect.
// NOTE(review): the original comment says "invalidate the session", but only the counter is removed.
if(accessCount >= tooManyAccessCnt) {
logger("to many access, redirect to login page");
session.setAttribute(session.getId(), null);
try{
response.sendRedirect(CommConfig.getBaseUrl() + request.getContextPath() + "login/intro.do");
return;
} catch(){
}
}
if( System.currentTimeMillis() - recentAccessTime <= 1000) { // within one second of the window start
accessCount++;
}else{
accountCount =1;
map.put("rat",System.currentTimeMillis());
}
map.put("rac",accessCount);
session.setAttribute(session.getId(), amp);
}
// end of mass-call defence
}
if( !isLogin){
try{
// AJAX callers get 403 instead of an HTML redirect.
if(request.getHeader("AJAX") != null && request.getHeader("AJAX").equals("true")){
response.sendError(HttpServletResponse.SC_FORBIDDEN);
}else{
response.sendRedirect(CommConfig.getBaseUrl() + request.getContextPath() + "/login/intro.do");
}
}catch(){
}
}
}