* we change the rate.
   */
  public void testWeNeverGetABurstMoreThanOneSec() {
    RateLimiter limiter = RateLimiter.create(1.0, stopwatch);
    int[] rates = {1000, 1, 10, 1000000, 10, 1};
    for (int rate : rates) {
      int oneSecWorthOfWork = rate;
      stopwatch.sleepMillis(rate * 1000);
      limiter.setRate(rate);

   * we change the rate.
   */
  public void testWeNeverGetABurstMoreThanOneSec() {
    RateLimiter limiter = RateLimiter.create(1.0, stopwatch);
    int[] rates = {1000, 1, 10, 1000000, 10, 1};
    for (int rate : rates) {
      int oneSecWorthOfWork = rate;
      stopwatch.sleepMillis(rate * 1000);
      limiter.setRate(rate);

 * <p>Rate limiters are often used to restrict the rate at which some physical or logical resource
 * is accessed. This is in contrast to {@link java.util.concurrent.Semaphore} which restricts the
 * number of concurrent accesses instead of the rate (note though that concurrency and rate are
 * closely related, e.g. see <a href="http://en.wikipedia.org/wiki/Little%27s_law">Little's
 * Law</a>).
 *

            }
            sendBlockedResponse(httpResponse);
            return;
        }

        // Check rate limit
        if (!rateLimitHelper.allowRequest(clientIp)) {
            if (logger.isDebugEnabled()) {
                logger.debug("Rate limit exceeded: clientIp={}", clientIp);
            }
            sendRateLimitResponse(httpResponse, rateLimitHelper.getRetryAfterSeconds());

        if (logger.isInfoEnabled()) {
            logger.info("RateLimitHelper initialized: windowMs={}, blockDurationMs={}", windowMs, blockDurationMs);
        }
    }

    /**
     * Check if rate limiting is enabled.
     * @return true if rate limiting is enabled
     */
    public boolean isEnabled() {
        return ComponentUtil.getFessConfig().isRateLimitEnabled();
    }

    /**

    }

    @Test
    public void test_constructorWithMessageAndErrorCode() {
        final LlmException exception = new LlmException("Rate limit exceeded", LlmException.ERROR_RATE_LIMIT);
        assertEquals("Rate limit exceeded", exception.getMessage());
        assertEquals(LlmException.ERROR_RATE_LIMIT, exception.getErrorCode());
        assertNull(exception.getCause());
    }

    @Test

        now = datetime.now(tz=timezone.utc)

        # Handle primary rate limits
        primary_limit_wait_time = 0.0
        if self.remaining_points <= self.last_query_cost:
            primary_limit_wait_time = (self.reset_at - now).total_seconds() + 2
            logging.warning(
                f"Approaching GitHub API rate limit, remaining points: {self.remaining_points}, "

 *
 * @author FessProject
 */
public class LlmException extends FessSystemException {

    private static final long serialVersionUID = 1L;

    /** Error code for rate limit (HTTP 429). */
    public static final String ERROR_RATE_LIMIT = "rate_limit";

    /** Error code for authentication failure (HTTP 401/403). */
    public static final String ERROR_AUTH = "auth_error";

#                                                                           Rate Limiting
#                                                                           ==============
# Whether rate limiting is enabled.
rate.limit.enabled=false
# Maximum number of requests allowed per window.
rate.limit.requests.per.window=100
# Window size in milliseconds.
rate.limit.window.ms=60000
# Duration in milliseconds to block IP when limit exceeded.

- Role-based query filtering via `RoleQueryHelper`
- Authentication: Local (UserService), LDAP, OIDC, SAML, SPNEGO, Entra ID
- Security features: AES encryption, SHA256 digest, LDAP injection prevention, password policy, rate limiting

## Naming Conventions

| Element | Convention | Example |
|---------|------------|---------|
| Classes | PascalCase | `UserService`, `FessBaseAction` |