Package com.logicaldoc.core.security
Class LoginThrottle
java.lang.Object
com.logicaldoc.core.security.LoginThrottle
Utility methods to prevent brute force attacks
- Since:
- 7.6.3
- Author:
- Marco Meschieri - LogicalDOC
-
Field Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic void
checkLoginThrottle
(String username, String ip) Performs anti brute force attack checksstatic void
clearFailures
(String username, String ip) Clears the failures for the given username and or passwordstatic void
recordFailure
(String username, Client client, AuthenticationException exception) Saves the login failure in the database
-
Field Details
-
LOGINFAIL_IP
- See Also:
-
LOGINFAIL_USERNAME
- See Also:
-
-
Method Details
-
clearFailures
Clears the failures for the given username and or password- Parameters:
username
- the usernameip
- the IP address from which the login intent comes from
-
recordFailure
Saves the login failure in the database- Parameters:
username
- the usernameclient
- the client address from which the login intent comes fromexception
- the authentication exception
-
checkLoginThrottle
Performs anti brute force attack checks- Parameters:
username
- the usernameip
- the IP address from which the login intent comes from- Throws:
AuthenticationException
- if the authentication fails
-