All geek questions in one place

WCF: Call Per Hour Limit Per User

I have a WCF service (basicHttpBinding, Basic Authentication, IIS 6.0), on which I want to limit the number of calls per hour - based on the user. For example, the maximum number of 1000 calls per user per hour (a la Google Maps, etc.).

I also want to implement some kind of subscription mechanism so that users can update their call limit according to various "pricing plans."

I know that I could achieve this using a special Inspector supported by a database containing some kind of subscription table and counter, but I would like not to reinvent the wheel.

Does anyone have any experience? Are there any third-party projects / libraries that support this out of the box?

Thanks. Eric

+4
source share
2 answers

I don't know if there are any ready-made packages for this (someone who is listening? Maybe an opportunity!), But here are my quick thoughts on this:

  • Your demand is “within the last hour” - let them say “time period” instead of an hour, as this can be easily changed. You will need to track all calls of this user for a period of time, and also have some mechanism to collapse or archive this data. If you store in a database, this can be a significant performance issue, depending on your database, number of users, number of calls made over a period of time, etc. It is very easy to develop a common interface that will allow you to merge in caching if you need it - but you will also need to keep track of the total time spent getting information about limiting API / services.

  • Separate “limited functionality” at the service level , if possible, and not into a separate operation or method. If you can make the restrictions applicable to the use of the entire service and only to specific or individual methods, everything will be simpler: code, tracking, user understanding, etc. In general, this is ...

  • Your own place to intercept and check is not located in the IMHO message inspector, but in OperationInvoker . Install the user operations inspector through the service behavior, and you will block the entire service. In addition, you will have access to information after processing messages, for example, to the name of the authenticated user, etc. See Sconnar's MSDN article, " Extending WCF with Behavior " ( http://msdn.microsoft.com/en-us/magazine/cc163302.aspx#S6 ).

Hope this is helpful. If you decide to do it yourself, be sure to handle concurrency (calling multiple threads at once in your service)! If you have more questions, it may be useful for people to know the basic parameters of your situation, such as the volume of users, challenges, scalability problems (for example, a web farm or a single server?). - Kate

+2
source

The simplest is to add code to your service, the first thing it does is to check if it has reached the limit, then update the counter.

If you look at it from an architectural point of view, this is your business logic and should usually be implemented at the business level.

0
source

Source: https://habr.com/ru/post/1307433/

More articles:


All Articles