InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter (JA-SIG CAS Core 3.4.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jasig.cas.web.support
Class InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter

java.lang.Object
  org.springframework.web.servlet.handler.HandlerInterceptorAdapter
      org.jasig.cas.web.support.AbstractThrottledSubmissionHandlerInterceptorAdapter
          org.jasig.cas.web.support.InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter

All Implemented Interfaces:: org.springframework.web.servlet.HandlerInterceptor

public class InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter
extends AbstractThrottledSubmissionHandlerInterceptorAdapter
extends AbstractThrottledSubmissionHandlerInterceptorAdapter

Works in conjunction with the Inspektr Library to block attempts to dictionary attack users.

Defines a new Inspektr Action "THROTTLED_LOGIN_ATTEMPT" which keeps track of failed login attempts that don't result in AUTHENTICATION_FAILED methods

This relies on the default Inspektr table layout and username construction. The username construction can be overrided in a subclass.

Since:: 3.3.5
Version:: $Revision$ $Date$
Author:: Scott Battaglia

Field Summary

Fields inherited from class org.jasig.cas.web.support.AbstractThrottledSubmissionHandlerInterceptorAdapter
`log`

Constructor Summary
`InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter(com.github.inspektr.audit.AuditTrailManager auditTrailManager, javax.sql.DataSource dataSource)`

Method Summary
`protected java.lang.String`	`constructUsername(javax.servlet.http.HttpServletRequest request, java.lang.String usernameParameter)`
`protected int`	`findCount(javax.servlet.http.HttpServletRequest request, java.lang.String usernameParameter, int failureRangeInSeconds)`
`void`	`setApplicationCode(java.lang.String applicationCode)`
`protected void`	`updateCount(javax.servlet.http.HttpServletRequest request, java.lang.String usernameParameter)`

Methods inherited from class org.jasig.cas.web.support.AbstractThrottledSubmissionHandlerInterceptorAdapter
`postHandle, preHandle, setFailureRangeInSeconds, setFailureThreshold, setUsernameParameter`

Methods inherited from class org.springframework.web.servlet.handler.HandlerInterceptorAdapter
`afterCompletion`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter

public InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter(com.github.inspektr.audit.AuditTrailManager auditTrailManager,
                                                                                  javax.sql.DataSource dataSource)

Method Detail

findCount

protected final int findCount(javax.servlet.http.HttpServletRequest request,
                              java.lang.String usernameParameter,
                              int failureRangeInSeconds)

Specified by:: findCount in class AbstractThrottledSubmissionHandlerInterceptorAdapter

updateCount

protected final void updateCount(javax.servlet.http.HttpServletRequest request,
                                 java.lang.String usernameParameter)

Specified by:: updateCount in class AbstractThrottledSubmissionHandlerInterceptorAdapter

setApplicationCode

public final void setApplicationCode(java.lang.String applicationCode)

constructUsername

protected java.lang.String constructUsername(javax.servlet.http.HttpServletRequest request,
                                             java.lang.String usernameParameter)