menu
search close

Installing the Java Module as a Netty Handler

access_time Updated Mar 24, 2023

The Signal Sciences Netty module is implemented as a handler which inspects HttpRequest events before forwarding the event to the next handler in the pipeline.

Download

Download the Signal Sciences Java module manually or access it with Maven.

Download manually

  1. Download the Java module archive from https://dl.signalsciences.net/sigsci-module-java/sigsci-module-java_latest.tar.gz.
  2. Extract sigsci-module-java_latest.tar.gz.
  3. Deploy the jars using one of the following options:
    • Copy sigsci-module-java-{version}-shaded.jar (an uber jar with all the dependencies bundled) to your application’s classpath (e.g., %CATALINA_HOME%\webbapps\<APP_FOLDER>\WEB-INF\lib).
    • Copy sigsci-module-java-{version}.jar and its dependencies in the lib folder to your application’s classpath (e.g., %CATALINA_HOME%\webbapps\<APP_FOLDER>\WEB-INF\lib). If you already have any of the dependency jar files in your application classpath folder (i.e., for Tomcat in the WEB-INF\lib) then it is not necessary to copy them, even if the version numbers are different. The logging jars are optional based on how slf4j is configured.

Access with Maven

For projects using Maven for build or deployment, the latest version of Signal Sciences Java modules can be installed by adding XML to the project pom.xml file. For example:

<repositories>
   <repository>
      <id>sigsci-stable</id>
      <url>https://packages.signalsciences.net/release/maven2</url>
   </repository>
</repositories>

<dependency>
   <groupId>com.signalsciences</groupId>
   <artifactId>sigsci-module-java</artifactId>
   <version>LATEST_MODULE_VERSION</version>
</dependency>

Be sure to replace LATEST_MODULE_VERSION with the latest release of the Java module. You can find the latest version in our version file at https://dl.signalsciences.net/sigsci-module-java/VERSION.

Install and configure

Create a new instance of WafHandler for every new connection.

  • WafHandler must be added after FlowControlHandler.
  • HttpObjectAggregator handler should be added before FlowControlHandler to inspect HTTP Post body.
  • WafHandler may send HttpResponse for blocked request.

Example deployment

// Update configuration
WafHandler.getSigSciConfig().setMaxPost(40000);

// start server and handle requests
new ServerBootstrap()
.group(bossGroup, workerGroup)
.channel(NioServerSocketChannel.class)
.childHandler(
  new ChannelInitializer<SocketChannel>() {
      @Override
      public void initChannel(SocketChannel ch) throws Exception {
    ch.pipeline()
    .addLast(new HttpServerCodec())
    .addLast(new HttpObjectAggregator(6 * (1 << 20)))
    .addLast(new FlowControlHandler())
    .addLast("waf", new WafHandler())
    .addLast(new SimpleChannelInboundHandler<FullHttpRequest>() {

      // send response

    });
      }
  })
.bind(8080)
.sync();
list
list On this page