Archive for the ‘Rate Limiter’ Category

Hi dude..

In this post I’m going to show you a brief demo about the use of Rate Limiter feature with Turmeric SOA and Cassandra Integration.

Firstly let me explain you the scenario and the environment setup.

Scenario:

-A resource, a Service in this case,  must be denied after a member of a Subject Group makes 4 calls to an Echo Service

Environment:

  • A simple Echo Web Service deployed in two customised Jetty server, these are Jetty-Turmeric 1 and 2 (see chart Environment Setup)
  • Then Rate Limiter Service and Policy Service and PolicyAdmiUI deployed in other two Jetty servers
  • 4 Cassandra nodes running as stand alone services. In my case I used cassandra v 0.8.2
  • a turmericdb schema in a MySql database to store the predefined policies
  • any web browser, as REST client, FF in my case

Jetty-Turmeric Web Server Setup:

Download and decompress jetty-turmeric. This customised Jetty already provides a Echo Service as example. We need 4 instances (copies) of it, so let’s call it jetty-turmeric-1.0.1.0-SNAPSHOT-1, jetty-turmeric-1.0.1.0-SNAPSHOT-2, jetty-turmeric-1.0.1.0-SNAPSHOT-3 and jetty-turmeric-1.0.1.0-SNAPSHOT-4. Don’t forget to change their listening ports, otherwise you will get a nightmare of conflicts. I choose 8080, 8081, 8082 and 8083. Also you need to change SSL ports, and debugging port in case you want to do a remote debuggin with Eclipse:  -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=8000

Then, lets prepare the Jetty #1 and #2, those who has the Echo Service Consumer. One of the yellow boxes we need to setup in the SIF is the AuthenticationHandler, that is a handler which makes call to the Authentication Service deployed in Jetty Server #3 and 4 respectively.  So we need to edit the {JETTY-HOME}/resources/META-INF/security/config/AuthenticationPolicy.xml file and add the operation against we need the Authentication process be run  :

<resource name="ExampleEchoServiceV1" default-authentication-method="basic" type="SERVICE">
<operation name="echo">
<authentication-method>basic</authentication-method>
</operation>
</resource>

Now, since we use our Turmeric-Cassandra-util package we need to add some jar dependencies under {JETTY-HOME}/lib/turmericsoa-security/ folder:
log4j-1.2.9.jar
TurmericUtils-0.9.0-Beta.jar

As some services are deployed under another Web Server, we must indicate the actual endpoint and don’t forget to change the Transport Protocol, from LOCAL to HTTP. This applies for {JETTY-HOME}/lib/turmericsoa-security/AuthenticationServiceConsumer-1.x.x.jar/META-INF/soa/client/config/AuthenticationService/ClientConfig.xml

<client-config-list xmlns="http://www.ebayopensource.org/turmeric/common/config"></pre>
<client-config service-name="{http://www.ebayopensource.org/turmeric/services}AuthenticationService">
<service-interface-class-name>org.ebayopensource.turmeric.services.authenticationservice.intf.AuthenticationService</service-interface-class-name>
<service-location>http://localhost:8082/security/AuthenticationServiceV1</service-location>
<client-instance-config>
<invocation-options>
<preferred-transport name="HTTP11">
<override-options>
<skip-serialization>true</skip-serialization>
</override-options>
</preferred-transport>
<request-data-binding>XML</request-data-binding>
<response-data-binding>XML</response-data-binding>
</invocation-options>
</client-instance-config>
</client-config>
</client-config-list>
<pre>

localhost:8083 for Jetty#2 setup

Also applies for {JETTY-HOME}/lib/turmericsoa-security/RateLimiterServiceConsumer-1.x.x.jar/META-INF/soa/client/config/RateLimiterService/ClientConfig.xml

Endpoint: http://localhost:8082/security/RateLimiterServiceV1 or http://localhost:8083/security/RateLimiterServiceV1 for Jetty#4

Now, lets prepare the Jetty #3 and #4.

As we can see in the above chart in Jetty#3 resides, Security Service, Policy Service and PolicyAdminUI (the Web UI for
policy Administration).
Download and extract them under webApps folder. Then the custom updates are:
For Security Service: None
For Policy Service: None
For PolicyAdminUI: in {Jetty3-HOME}/webapps/policy/lib/web.xml update the endpoint ports as Jetty3 has, that is 8082
for http and 8445 for shttp.

Later, in both {JETTY3-HOME} and {JETTY4-HOME} /resources/META-INF/config/cassandra.properties you need to add Rate
Limiter Keyspace info and also indicate there that cassandra will run in standalone mode instead of embedded mode,
default mode.

################################
###### RATE LIMITER COUNTER ####
################################
cassandra-rl-cluster-name=TestCluster
cassandra-host-ip=127.0.0.1
cassandra-rpc-port=9160
cassandra-rl-keyspace=rl

#column families
cassandra-active-rl-column-family=activeRL
cassandra-active-effect-column-family=activeEffect

embedded=false

This config should follow the cassandra configuration. Other cassandra files are not necessary to be changed due to we set embedded=false. This, tells Turmeric that Cassandra service is running in a standalone mode; setting to true TurmericSOA will start its own embedded Cassandra service.

If you need more datails on how to enable Rate Limiting to your own service surf on Turmeric Rate Limiting Setup page

enjoy it!!

Advertisements