First of all, happy new year!
I have a question about security. Is that sufficient after I relocating the activator xml files of jmx-console, admin-console, jbossws-console and ROOT.war from deploy directory? So the user cannot access them in browser.
And how about the DoS attack, is there any security module about it in JBoss? If not what should I do for it?
If you don't need the console I would remove it from deployment, see http://community.jboss.org/wiki/JBoss5xTuningSlimming (maybe you have to look for AS4 or 6 but it is very similar for that)
About DoS attack I think that such is often handled by other hard- or software in front of JBoss. There is no special module in JBoss for this, also there are many different chanels which might be handled different.
I remember a case where a internal application was flooding the EJB RMI interface with wrong calls
Hi Wolf, thanks for your quick reply and the link!
About Dos attack you are definitly right, it's basically a responsiblity of other hard- or software. Anyway should I add some specail mechanismus to avoid frequent "normal" requests? As I know, many PHP projects have such check logic, e.g. user can't post too fast in PHP forum.
In JBoss I'm not sure where should I put such check logic, if I put them for example in my Servlet to avoid frequent requests from the same IP, I need some thread-safe data structure to store such IP-Timestamp Map, or even in an in-memory Database! All sound complicate, I mean when the attacker really floods my servlet, maybe these time-consuming check logic kill my server at first.
Do you have any good idea about preventing DoS attack in Application layer?
From my point of view there is no solution in general. It depend to you application and the risk you have or see.
I see implementations that are paranoid and try to avoid any of such attacks but at the end the performance and scalability is bad and after removing such code it works better and, who wonder, no attack occour
So it will be a balance between costs and effort - performance - risk (whether you have such attack).
If you have a cluster with load balancing each check on JBoss side will be not effective.
And in case of 'attack by fault' inside your network you can't have a automatic detection.
Your idea with a IP-timestamp Map sounds good, maybe you use a WeakHashMap to remove old entries.
A database might to much effort to remove old entries.
But sync access to Maps might force locking contention ...
So it is still on you to find the right balance four your application