Class LoginThrottle


  • public class LoginThrottle
    extends Object
    Utility methods to prevent brute force attacks
    Since:
    7.6.3
    Author:
    Marco Meschieri - LogicalDOC
    • Constructor Detail

      • LoginThrottle

        public LoginThrottle()
    • Method Detail

      • clearFailures

        public static void clearFailures​(String username,
                                         String ip)
        Clears the failures for the given username and or password
        Parameters:
        username - the username
        ip - the IP address from which the login intent comes from
      • recordFailure

        public static void recordFailure​(String username,
                                         Client client,
                                         AuthenticationException exception)
        Saves the login failure in the database
        Parameters:
        username - the username
        client - the client address from which the login intent comes from
        exception - the authentication exception
      • checkLoginThrottle

        public static void checkLoginThrottle​(String username,
                                              String ip)
                                       throws AuthenticationException
        Performs anti brute force attack checks
        Parameters:
        username - the username
        ip - the IP address from which the login intent comes from
        Throws:
        AuthenticationException - if the authentication fails