CXF web service throttling

I'm new to CXF and I would like to know if it has any build-in m开发者_如何学Pythonechanism that would allow limiting the number of concurrent calls to the web service, thus addressing the possibility of a DoS attack? Something similar to this feature of WCF?

http://www.danrigsby.com/blog/index.php/2008/02/20/how-to-throttle-a-wcf-service-help-prevent-dos-attacks-and-maintain-wcf-scalability/

CXF has some ability to do some of this out of the box. CXF endpoints can have a factory configured on the invoker which is used to obtain the Object that is invoked upon. Out of the box, there is a PooledFactory that can maintain a pool of instances. It can be set to not create additional instances beyond the max and thus wait until more are freed up. That can throttle things a bit. You can configure this via spring config or via an annotation on the impl:

@FactoryType(value=FactoryType.Type.POOLED, args={"25"})

(25 is the max size of the pool)

However, this is very late in the processing. By the time it reaches there, all the XML has been parsed, jaxb objects created, etc... For DOS, you'd likely want to stop earlier. You can implement an interceptor that would live early in the chain that would keep a count stored on the endpoint. Increment and check on the incoming chain, decrement on the outgoing chain.