Package com.logicaldoc.core.security
Class LoginThrottle
- java.lang.Object
-
- com.logicaldoc.core.security.LoginThrottle
-
public class LoginThrottle extends Object
Utility methods to prevent brute force attacks- Since:
- 7.6.3
- Author:
- Marco Meschieri - LogicalDOC
-
-
Field Summary
Fields Modifier and Type Field Description static String
LOGINFAIL_IP
static String
LOGINFAIL_USERNAME
-
Constructor Summary
Constructors Constructor Description LoginThrottle()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static void
checkLoginThrottle(String username, String ip)
Performs anti brute force attack checksstatic void
clearFailures(String username, String ip)
Clears the failures for the given username and or passwordstatic void
recordFailure(String username, Client client, AuthenticationException exception)
Saves the login failure in the database
-
-
-
Field Detail
-
LOGINFAIL_IP
public static final String LOGINFAIL_IP
- See Also:
- Constant Field Values
-
LOGINFAIL_USERNAME
public static final String LOGINFAIL_USERNAME
- See Also:
- Constant Field Values
-
-
Method Detail
-
clearFailures
public static void clearFailures(String username, String ip)
Clears the failures for the given username and or password- Parameters:
username
- the usernameip
- the IP address from which the login intent comes from
-
recordFailure
public static void recordFailure(String username, Client client, AuthenticationException exception)
Saves the login failure in the database- Parameters:
username
- the usernameclient
- the client address from which the login intent comes fromexception
- the authentication exception
-
checkLoginThrottle
public static void checkLoginThrottle(String username, String ip) throws AuthenticationException
Performs anti brute force attack checks- Parameters:
username
- the usernameip
- the IP address from which the login intent comes from- Throws:
AuthenticationException
- if the authentication fails
-
-