"Tarpitting" gets its name from e-mail anti-spamming techniques used to slow down the rate at which repetitive access requests for e-mail services are honored by mail servers. The tarpitting concept may be applied to OFBiz web pages when you need to limit the number of times a request for a web page is honored, and thus slow down the rate at which OFBiz responds to certain HTTP/HTTPS requests.
Make sure the controller.xml
file containing your protected view has the following Java class configured in the preprocessor
section:
<preprocessor> <event name="checkProtectedView" type="java" path="org.ofbiz.webapp.control.ProtectViewWorker" invoke="checkProtectedView"/> </preprocessor>
To control the rate at which certain OFBiz web pages are honored, use the security group's protected view option as shown here:
controller.xml
view-map entry. For example, if you have a view-map similar to the following:<view-map name="MyProtectedScreen" type="screen" page="some page location" />
MyProtectedScreen
. Duration
. This is the length of time during which the web page view will not be available).The OFBiz controller servlet is the initial point of contact for all HTTP/HTTPS requests. This servlet, modeled after the Model-View-Control (MVC) design pattern, is responsible for handling all aspects of HTTP/HTTPS request processing, including selecting web page views for the requestor and delegating business processing to other OFBiz servlets, Services, and Events.
Adding the ProtectViewWorker.java
program to a controller's configuration (via the controller.xml
file) tells the controller to pay special attention to certain view requests and, based on the configuration parameters set within the Party Manager application, handle those requests appropriately.
By default, a blank web page is presented when a protected view is blocked. You may change this behavior by editing the ~framework/security/config/security.properties
file and modify the following line: default.error.response.view=view:viewBlocked
to match a request-map entry as shown here:
<request-map uri="viewBlocked"> <response name="success" type="view" value="viewBlocked" /> </request-map> <view-map name="viewBlocked" type="screen" page="component://common/widget/CommonScreens.xml#viewBlocked"/>
18.226.34.25