Access Throttling

Access throttling is used to restrict access to services at three different levels as follows.

Global-Level : Restrictions apply to every message coming into the server. To configure throttling globally, see Configuring the wso2throttle Module.
Operation-Level : Restrictions apply only to messages accessing a particular operation. For information throttling in operation level, see Operation Management.
Service-Level : Restrictions apply to all the messages coming into a particular service. Information is given below.

NOTE: The following section describes how to set throttling to services after the service is deployed. To set up throttling prior to its deployment, see Setting up throttling prior to service deployment.

Service-level access throttling

Use this function to add a throttle parameter that specifies a variable millisecond wait between calls or a variable maximum number of calls per unit of time. This facilitates smooth operation of Web services and REST using the Web service and HTTP client steps.

The throttling option is disabled by default. Follow the steps below to enable it.

Log in to the product's management console and select Services > List under the Main menu.
The Deployed Services page appears. Select the service to which you want to enable throttling.
The service's dashboard opens. Click Access Throttling from the Quality of Service Configuration panel.
The Throttling Configuration window appears. Enable throttling by selecting Yes as follows:
The existing throttle configuration appears in the wizard. Click Add New Entry and specify the parameters. Note: To enter new parameters or modify existing ones, first select Allow in the Access column as follows.

Parameters for throttling configuration are as follows:
- Range - The IP address range or the domain that is restricted from accessing the service. Requests from such clients are restricted based on the specified values.
- Type - This indicates the type of Range.
  - IP - The range is given as a single IP address or an IP range such as 10.100.1.30-10.100.1.60
  - DOMAIN - The range is given as a domain. E.g., *.wso2.com. If you specify configuration types of both IP and DOMAIN, priority is given to DOMAIN level configurations.
- Maximum Request Count (MRC) - If Access is set to Control, it will be the maximum number of requests that are served within the time interval specified by the Unit Time parameter.
- Unit Time (UT) - The time period in milliseconds during which the maximum number of requests are served. This is the number specified by the Maximum Request Count. The throttle starts counting the number of units from the moment it is enabled and the number of requests served within that period.
- Prohibit Time Period (PTP) - If the maximum request count is achieved before the unit time, this is the period during which no more requests are allowed to go in. By setting this value, the unit time slot is altered.
- Access
  - Allow : No restriction is applied for that range and all requests are allowed to go in as they come in.
  - Deny : Access is completely denied for that range.
  - Control
NOTE: When the Access is set to Allow or Deny, MRC, UT and PTP parameters are not necessary and the said fields are deactivated. If it is Control, then the specified constraints are applied for that particular range.
Example:
MRC = 50, UT = 50000, PTP = 5000
The above configuration means, if 50 requests are arrived within 35000ms (35s) in a particular time period, no more requests are taken in for another 5000ms (5s = PTP). This time, the UT is altered to 35000ms + 5000ms = 40000ms (40s)
Functions of buttons of the throttling configuration are as follows:
- Finish : Submits the current data. When clicked, your throttle configuration will be applied and the page will be redirected to the previous page.
- Reset : Loads the last submitted configuration
- Default : Loads the default throttle configuration. (Click Finish to submit)
- Clear : Clears all the text boxes in the user interface
- Cancel : Navigates to the Service Dashboard

Setting up throttling prior to service deployment

To configure throttling to a service before deploying it, add your throttling configuration in an XML file by the name <service name>_services.xml and save it in <PRODUCT_HOME>/repository/deployment/server/<folder_of_the_service_type>. For example, to define throttling to a data service by the name CSVSampleService, create CSVSampleService _services.xml in <PRODUCT_HOME>/repository/deployment/server/dataservices folder.

You must also have the service definition (in this example, CSVSampleService.dbs) saved in the same folder. This throttling configuration will be enabled at the time the service gets deployed.

Given below is a sample throttling configuration for your reference:

<service name="CSVSampleService"> 
  <module ref="wso2throttle"/>
  <wsp:Policy wsu:Id="WSO2ServiceThrottlingPolicy">
   <wsp:ExactlyOne>
     <wsp:All>
      <throttle:ServiceThrottleAssertion>
         <wsp:Policy>
           <throttle:ID throttle:type="DOMAIN">10.100.0.205</throttle:ID>
           <wsp:Policy>
             <throttle:Control>
               <wsp:Policy>
                 <throttle:MaximumCount>2</throttle:MaximumCount>
                 <throttle:UnitTime>20000</throttle:UnitTime>
                 <throttle:ProhibitTimePeriod wsp:Optional="true">30000</throttle:ProhibitTimePeriod>
               </wsp:Policy>
             </throttle:Control>
           </wsp:Policy>
         </wsp:Policy>
         <wsp:Policy>
           <throttle:ID throttle:type="DOMAIN">other</throttle:ID>
           <wsp:Policy>
             <throttle:Allow/>
           </wsp:Policy>
         </wsp:Policy>
      </throttle:ServiceThrottleAssertion>
     </wsp:All>
   </wsp:ExactlyOne>
  </wsp:Policy>
</service>