JMX Measures for Limiting Usage of REST Services

If you want to limit the usage of REST API services, you can find the relevant JMX measures under borland.com/RestService/LimitingFilter in the JMX measures tree on your front-end server.

Set the Overdraft measure for a session token to specify the limit for a burst usage of the REST service and set the RefillPerMinute measure to specify the permanent usage-limit-per-minute. Handling usage bursts in such a way is known as the token-bucket algorithm. Exceeding the limit will result in a 429 - Too Many Requests response to a service call and the user will be asked to try again later.

LoginPasswordAuthentication Measures

Here you can set the request limits for a user to obtain a session ID through basic authentication using username and password.

Note: Micro Focus recommends authentication through a web-service token.

Measure	Description
FilterEnabled	Whether limiting usage is enabled or not. True or false.
Overdraft	The maximum number of login requests that can happen in a burst scenario.
RefillPerMinute	The average number of login requests that is allowed.
MinimumRemainingTokens	The number of tokens in the bucket with the fewest tokens since the service was started or since the Overdraft and the RefillPerMinute were set.
MinimumRemainingTokensBucket	The login of the user with the bucket that has the fewest available tokens.

SessionIdAuthentication Measures

Here you can set the request limits for each web-service token or each session ID.

Measure	Description
FilterEnabled	Whether limiting usage is enabled or not. True or false.
Overdraft	The maximum number of requests that can happen in a burst scenario with a specific web-service token or with a specific session ID.
RefillPerMinute	The average number of requests that is allowed with a specific web-service token or with a specific session ID.
MinimumRemainingTokens	The number of tokens in the bucket with the fewest tokens since the service was started or since the Overdraft and the RefillPerMinute were set.
MinimumRemainingTokensBucket	The web-service token or the session ID with the fewest available tokens.