Dynamic Access Control

2023-09-10

Enabling Dynamic Access Control

Use the @EnableDynamicLimit annotation to enable dynamic access control.

@SpringBootApplication
@EnableDynamicLimit
public class SimpleAuthApplication {
    public static void main(String[] args) {
        SpringApplication.run(SimpleAuthApplication.class, args);
    }
}

Alternatively, you can enable it with the simple-auth.func.dynamic-limit=true configuration.

Creating a Provider

@Component
public class MyLimitItemProvider implements RequestLimitItemProvider {
    @Override
    public List<RequestLimitItem> getRequestLimitItem() {
        List<RequestLimitItem> list = new ArrayList<>();
        // Match the path '/say', allow only 2 requests within 60 seconds, and ban for 10 seconds if exceeded.
        list.add(new RequestLimitItem("/say", 2, 60, 10));
        return list;
    }
}

The parameters for RequestLimitItem are as follows:

List<String> path: The matched path.
Integer times: The maximum number of requests.
Integer seconds: The recording time.
Integer ban: The ban time.
Class<? extends SignStrategic> itemStrategic: The item generation strategy, default is uri.
Class<? extends SignStrategic> signStrategic: The user identification generation strategy, default is user IP.
Class<? extends EffectiveStrategic> effectiveStrategic: The strategy to determine if the request is recorded, default is true.
Class<? extends TokenLimit> tokenLimit: The rate limiting algorithm, default is CompleteLimit, which records all requests accurately.

Annotations