I am looking for the options to set the max limit on incoming http request like instance want to set the limit not to exceed over 6MB? How can i achieve that?
My code snippet;
public String getContent(HttpServletRequest request)
throws IOException {
StringBuffer lines = new StringBuffer();
try {
//Tried the below line not sure if it is right but did not work
//BufferedReader reader = new BufferedReader(request.getReader(),60048);
if(req.getContentLength()< 600048) {
BufferedReader reader = request.getReader();
String line = null;
while ((line = reader.readLine()) != null) {
lines.append(line);
}
reader.close();
} catch (IOException exc) {
throw exc;
}
return lines.toString();
}
}//Check for size ends here
}
There are several possible ways for you to implement such a functionality. For once, I am not very familiar with WebSphere so correct me if I'm wrong.
WebSphere seems to offer a configuration property very similar to Tomcat's maxPostSize. For Tomcat's case this limits the max post size on the connector level. I suppose that the equivalent for this for WebSphere is PostSizeLimit. You can go ahead and edit the application server's configuration file set this to the desired size (in bytes).
HttpServletRequest does not offer an out of the box way of inspecting the incoming request's size. To overcome this there are two options. One is to attempt to retrieve the value of the Content-Length header. Problem is that this may not be present always. Another potential issue for this, is that this returns only the size of the body (not including headers) as this is defined here.
If you're sure that this header is always going to be present and assuming that you don't care about the headers' size you can go ahead and try this.
Another way would be to try to use ServletRequest#getContentLength which may also return the size of the body.
One last final way would be for you to obtain the inputStream of the request, use a BufferedReader to read it locally and store it in a byte array. With this in hand you should be able to determine the size. Only problem regarding this solution is that a HttpServletRequest inputStream can only be read once, meaning that you'll need to cache it somehow (a filter based solution would work really good for this).
In any, way the real thing aside from doing the above, is what you do in case the size is over the desired limit. In you code sample you seem to attempt to read it until the desired size is attained and then just return whatever you have read so far. My thinking is that this is wrong, as you may end up with an invalid request body. I think that it would be better for you to actually drop the request in case it's over the allowed limit.
I hope the above help.