Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2002/02/25 05:38:13 UTC
cvs commit: jakarta-jetspeed/src/java/org/apache/jetspeed/services/security UserLogonStats.java JetspeedDBSecurityService.java JetspeedSecurityService.java
taylor 02/02/24 20:38:13
Modified: src/java/org/apache/jetspeed/modules/actions JLoginUser.java
JLogoutUser.java
src/java/org/apache/jetspeed/modules/actions/portlets/security
UserUpdateAction.java
src/java/org/apache/jetspeed/modules/localization
JetspeedLocalization_de.properties
JetspeedLocalization_en.properties
JetspeedLocalization_es.properties
JetspeedLocalization_fr.properties
src/java/org/apache/jetspeed/services JetspeedSecurity.java
src/java/org/apache/jetspeed/services/security
JetspeedDBSecurityService.java
JetspeedSecurityService.java
Added: src/java/org/apache/jetspeed/services/security
UserLogonStats.java
Log:
- extended the JetspeedSecurity service to support account disabling, and basic tracking for failed logons.
- added a "disabled" column to the User form
Revision Changes Path
1.23 +32 -2 jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JLoginUser.java
Index: JLoginUser.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JLoginUser.java,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- JLoginUser.java 9 Feb 2002 18:42:51 -0000 1.22
+++ JLoginUser.java 25 Feb 2002 04:38:12 -0000 1.23
@@ -91,6 +91,7 @@
import org.apache.jetspeed.services.resources.JetspeedResources;
import org.apache.jetspeed.services.Profiler;
import org.apache.jetspeed.services.JetspeedSecurity;
+import org.apache.jetspeed.om.security.JetspeedUser;
/**
This class is responsible for logging a user into the system. It is also
@@ -250,11 +251,26 @@
// check for valid username/password - execute Turbine LoginUser action
ActionLoader.getInstance().exec(data, "LoginUser");
-
+
+ JetspeedUser user = (JetspeedUser)data.getUser();
+ if (user.getDisabled())
+ {
+ data.setMessage(Localization.getString("JLOGINUSER_ACCOUNT_DISABLED"));
+ data.setScreenTemplate(JetspeedResources.getString("logon.disabled.form"));
+ data.getUser().setHasLoggedIn(new Boolean (false) );
+ return;
+ }
+
// check for being confirmed before allowing someone to finish logging in
if ( data.getUser().hasLoggedIn())
{
+ if (JetspeedResources.getBoolean("logon.auto.disable", true))
+ {
+ // dst: this needs some refactoring. I don't believe this api is necessary
+ JetspeedSecurity.resetUserCheck(data.getParameters().getString("username", ""));
+ }
+
String confirmed = data.getUser().getConfirmed();
if (confirmed == null || !confirmed.equals(JetspeedResources.CONFIRM_VALUE ))
{
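Review bot: The added `(JetspeedUser)data.getUser()` cast and `user.getDisabled()` call run unconditionally after the Turbine `LoginUser` action, including when the logon failed. Whether `data.getUser()` is then null or an anonymous user of another class cannot be seen from this hunk, so a guard is worth adding: `if (data.getUser() instanceof JetspeedUser && ((JetspeedUser)data.getUser()).getDisabled())`. By this point the Turbine action may already have stored the user and ACL in the session, and the disabled branch only flips `hasLoggedIn`; if that is the case, also call `data.setACL(null)` before the `return`. `JetspeedResources.getString("logon.disabled.form")` is read without a default, so a missing property presumably hands null to `setScreenTemplate`. The enclosing method starts and ends outside the hunk.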
@@ -263,7 +279,6 @@
data.setMessage(Localization.getString("JLOGINUSER_KEYNOTVALID"));
data.setScreenTemplate("NewUserRejected");
data.getUser().setHasLoggedIn(new Boolean (false) );
-
return;
}
else
@@ -336,5 +351,20 @@
}
}
+ else
+ {
+ // disable user after a configurable number of strikes
+ if (JetspeedResources.getBoolean("logon.auto.disable", true))
+ {
+ boolean disabled = JetspeedSecurity.disableUserCheck(data.getParameters().getString("username", ""));
+ if (disabled)
+ {
+ data.setMessage(Localization.getString("JLOGINUSER_ACCOUNT_DISABLED"));
+ data.setScreenTemplate(JetspeedResources.getString("logon.disabled.form"));
+ data.getUser().setHasLoggedIn(new Boolean (false) );
+ }
+ }
+ }
+
}
}
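Review bot: The new `else` branch counts a strike for whatever `username` the request carries, and `logon.auto.disable` defaults to `true`, so installations get automatic lockout without opting in. Per the JetspeedDBSecurityService change in this commit the lock is persisted (`setDisabled(true)` then `saveUser`) and is only lifted by an administrator, and the failed attempts that trigger it need not come from the account owner. That availability trade-off should be stated where the flag is read, e.g. `// NOTE: lockout is permanent until an admin re-enables the account; failures are counted per submitted username`, and a time-limited lock is worth considering. `data.getUser()` is also dereferenced here on the failed-logon path without a null check. The enclosing method starts outside the hunk.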
1.4 +61 -2 jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JLogoutUser.java
Index: JLogoutUser.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JLogoutUser.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- JLogoutUser.java 23 Feb 2002 23:10:15 -0000 1.3
+++ JLogoutUser.java 25 Feb 2002 04:38:12 -0000 1.4
@@ -64,8 +64,13 @@
import org.apache.turbine.modules.ActionLoader;
import org.apache.turbine.util.Log;
import org.apache.turbine.util.RunData;
+import org.apache.turbine.util.security.AccessControlList;
+import org.apache.turbine.TurbineConstants;
+import org.apache.turbine.om.security.User;
import org.apache.jetspeed.services.resources.JetspeedResources;
+import org.apache.jetspeed.services.JetspeedSecurity;
+
/**
This class is responsible for logging a user out of the system.
@@ -117,7 +122,61 @@
}
// use the standard turbine logout facility
- ActionLoader.getInstance().exec(data, "LogoutUser");
-
+ if ( JetspeedResources.getBoolean("automatic.logout.save", false) )
+ ActionLoader.getInstance().exec(data, "LogoutUser");
+ else
+ LogoutUser(data);
+ }
+
+ /*
+ * This method logs out the user like the base Turbine user action, but it does not automatically
+ * save perm data without a transaction
+ *
+ * data The rundata for the request
+ *
+ */
+ protected void LogoutUser(RunData data) throws Exception
+ {
+ User user = data.getUser();
+
+ if ( user != null )
+ {
+ // Make sure that the user has really logged in...
+ if (!user.hasLoggedIn() )
+ return;
+
+ user.setHasLoggedIn( new Boolean(false) );
+ }
+
+ data.setMessage(JetspeedResources.getString(
+ TurbineConstants.LOGOUT_MESSAGE));
+
+ // This will cause the acl to be removed from the session in
+ // the Turbine servlet code.
+ data.setACL(null);
+
+ // Retrieve an anonymous user.
+ data.setUser( JetspeedSecurity.getAnonymousUser() );
+ data.save();
+
+ // In the event that the current screen or related navigations
+ // require acl info, we cannot wait for Turbine to handle
+ // regenerating acl.
+ data.getSession().removeValue(AccessControlList.SESSION_KEY);
+
+ // If this action name is the value of action.logout then we are
+ // being run before the session validator, so we don't need to
+ // set the screen (we assume that the session validator will handle
+ // that). This is basically still here simply to preserve old behaviour
+ // - it is recommended that action.logout is set to "LogoutUser" and
+ // that the session validator does handle setting the screen/template
+ // for a logged out (read not-logged-in) user.
+ if (!JetspeedResources.getString(TurbineConstants.ACTION_LOGOUT, "")
+ .equals("LogoutUser"))
+ {
+ data.setScreen(JetspeedResources.getString(
+ TurbineConstants.SCREEN_HOMEPAGE));
+ }
}
+
}
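Review bot: The new `LogoutUser(RunData)` swaps in the anonymous user and removes the ACL key, but it keeps the HTTP session, so any other per-user attributes stored in that session would survive logout; if that is intended, say so in the method comment, otherwise clear them after `data.save()`. The early `return` for a user who has not logged in also skips the ACL removal. The comment block opens with `/*` and names the parameter without a tag, so Javadoc ignores it; `/**` with `@param data the rundata for the request` fixes that. The method name starts with a capital, which makes `LogoutUser(data);` read like a constructor call; `logoutUser` would be conventional, and the brace-less `if`/`else` that selects it deserves braces.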
1.7 +28 -15 jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java
Index: UserUpdateAction.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- UserUpdateAction.java 23 Feb 2002 23:10:16 -0000 1.6
+++ UserUpdateAction.java 25 Feb 2002 04:38:12 -0000 1.7
@@ -75,7 +75,7 @@
import org.apache.turbine.services.velocity.TurbineVelocity;
// turbine om security
-import org.apache.turbine.om.security.User;
+import org.apache.jetspeed.om.security.JetspeedUser;
import org.apache.turbine.util.db.Criteria;
import org.apache.turbine.util.security.DataBackendException;
import org.apache.turbine.util.security.EntityExistsException;
@@ -152,7 +152,7 @@
{
try
{
- User user = null;
+ JetspeedUser user = null;
/*
* Grab the mode for the user form.
@@ -164,7 +164,7 @@
{
// get the primary key and put the object in the context
String username = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
- user = JetspeedSecurity.getUser(username);
+ user = (JetspeedUser)JetspeedSecurity.getUser(username);
context.put(SecurityConstants.CONTEXT_USER, user);
}
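Review bot: The result of `JetspeedSecurity.getUser(username)` is downcast to `JetspeedUser` with no type check, so this throws `ClassCastException` if the security service is configured with a different user class (not determinable from this page). The same unchecked cast is added in the doInsert, doAccept, doReject, doUpdate and doDelete hunks and on `rundata.getUser()`. Either check with `instanceof` and report a configuration error, or have the `JetspeedSecurity` facade return `JetspeedUser` so the cast lives in one place. The enclosing method starts and ends outside the hunk.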
@@ -179,7 +179,7 @@
context.put(SecurityConstants.PARAM_MSG, SecurityConstants.MESSAGES[id]);
// get the bad entered data and put it back for convenient update
- User tempUser = (User)rundata.getUser().getTemp(TEMP_USER);
+ JetspeedUser tempUser = (JetspeedUser)rundata.getUser().getTemp(TEMP_USER);
if (tempUser != null)
context.put(SecurityConstants.CONTEXT_USER, tempUser);
@@ -206,7 +206,7 @@
public void doInsert(RunData rundata, Context context)
throws Exception
{
- User user = null;
+ JetspeedUser user = null;
try
{
//
@@ -229,7 +229,7 @@
//
// create a new user
//
- user = JetspeedSecurity.getUserInstance();
+ user = (JetspeedUser)JetspeedSecurity.getUserInstance();
rundata.getParameters().setProperties(user);
String password = rundata.getParameters().getString("password");
@@ -245,6 +245,9 @@
user.setCreateDate(now);
user.setLastLogin(now);
user.setConfirmed(JetspeedResources.CONFIRM_VALUE);
+
+ String disabled = rundata.getParameters().getString("disabled");
+ user.setDisabled( disabled != null );
//
// add the user
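Review bot: `user.setDisabled( disabled != null )` treats any submitted value as "disabled", so a form or client that sends `disabled=false` or an empty `disabled=` still creates a locked account. Parsing the value instead of testing for presence avoids that, for example `user.setDisabled(rundata.getParameters().getBoolean("disabled", false));` if the parameter parser's boolean accessor accepts the checkbox value the template sends (worth confirming). The doUpdate hunk repeats the same presence test with `strDisabled != null`. doInsert starts and ends outside the hunk.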
@@ -287,13 +290,13 @@
public void doAccept(RunData rundata, Context context)
throws Exception
{
- User user = null;
+ JetspeedUser user = null;
try
{
//
// get the user object from the selected entry in the browser
//
- user = JetspeedSecurity.getUser(
+ user = (JetspeedUser)JetspeedSecurity.getUser(
rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
user.setConfirmed(JetspeedResources.CONFIRM_VALUE);
@@ -375,13 +378,13 @@
public void doReject(RunData rundata, Context context)
throws Exception
{
- User user = null;
+ JetspeedUser user = null;
try
{
//
// get the user object from the selected entry in the browser
//
- user = JetspeedSecurity.getUser(
+ user = (JetspeedUser)JetspeedSecurity.getUser(
rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
user.setConfirmed(JetspeedResources.CONFIRM_VALUE_REJECTED);
@@ -464,13 +467,13 @@
public void doUpdate(RunData rundata, Context context)
throws Exception
{
- User user = null;
+ JetspeedUser user = null;
try
{
//
// get the user object from the selected entry in the browser
//
- user = JetspeedSecurity.getUser(
+ user = (JetspeedUser)JetspeedSecurity.getUser(
rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
String name = rundata.getParameters().getString("username");
@@ -492,18 +495,28 @@
//
// pull the values off the form and into the user object
//
+ boolean oldDisabled = user.getDisabled();
rundata.getParameters().setProperties(user);
user.setLastAccessDate();
// convert case if configured
user.setPassword(JetspeedSecurity.convertPassword(user.getPassword()));
+ String strDisabled = rundata.getParameters().getString("disabled");
+ boolean disabled = (strDisabled != null);
+ user.setDisabled(disabled);
+
+ if (!disabled && oldDisabled && JetspeedResources.getBoolean("logon.auto.disable", true))
+ {
+ JetspeedSecurity.resetUserCheck(name);
+ }
+
//
// update the user in the database
//
JetspeedSecurity.saveUser(user);
- User currentUser = rundata.getUser();
+ JetspeedUser currentUser = (JetspeedUser)rundata.getUser();
if (currentUser.getUserName().equals(user.getUserName()))
{
// same user as admin -- need to update in memory
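Review bot: `JetspeedSecurity.resetUserCheck(name)` clears the counters for the `username` form field, while the account being edited was loaded by `SecurityConstants.PARAM_ENTITY_ID` a few lines above the hunk; if the two differ, the wrong counter is reset and the re-enabled account keeps its old strikes. Use the loaded object instead: `JetspeedSecurity.resetUserCheck(user.getUserName());`. Note also that `setProperties(user)` runs before the explicit `setDisabled`, so if the bean binding already maps a `disabled` parameter the explicit call silently overrides it; a short comment saying which one wins would help. doUpdate starts and ends outside the hunk.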
@@ -551,13 +564,13 @@
public void doDelete(RunData rundata, Context context)
throws Exception
{
- User user = null;
+ JetspeedUser user = null;
try
{
//
// get the user object from the selected entry in the browser
//
- user = JetspeedSecurity.getUser(
+ user = (JetspeedUser)JetspeedSecurity.getUser(
rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
if (rundata.getUser().getUserName().equals(user.getUserName()))
1.5 +2 -0 jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_de.properties
Index: JetspeedLocalization_de.properties
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_de.properties,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- JetspeedLocalization_de.properties 17 Dec 2001 22:55:22 -0000 1.4
+++ JetspeedLocalization_de.properties 25 Feb 2002 04:38:12 -0000 1.5
@@ -71,6 +71,8 @@
EDITACCOUNT_TITLE=Zugang aktualisieren
EDITACCOUNT_NOTLOGGEDIN=Leider m�ssen Sie sich erst anmelden bevor Sie diese Seite aufrufen k�nnen.
+JLOGINUSER_ACCOUNT_DISABLED=Ihr Konto ist geschlossen.
+
TOP_TITLE=Willkommen bei Jetspeed
TOP_CREATENEWACCOUNT=Neue Registrierung
TOP_LOGINBTN=Einw�hlen
1.13 +2 -0 jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_en.properties
Index: JetspeedLocalization_en.properties
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_en.properties,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- JetspeedLocalization_en.properties 9 Feb 2002 18:42:51 -0000 1.12
+++ JetspeedLocalization_en.properties 25 Feb 2002 04:38:12 -0000 1.13
@@ -78,6 +78,8 @@
EDITACCOUNT_NOTLOGGEDIN=Sorry, you must be logged in in order to access this screen.
EDITACCOUNT_TITLE=Edit your account details
+JLOGINUSER_ACCOUNT_DISABLED=Your account is disabled. Please contact your system administrator.
+
USERFORM_USERNAMEMSG=Username:
USERFORM_PASSWORDMSG=Password:
USERFORM_PASSWORDCONFIRMMSG=Password (confirm):
1.5 +3 -1 jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_es.properties
Index: JetspeedLocalization_es.properties
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_es.properties,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- JetspeedLocalization_es.properties 18 Dec 2001 06:34:52 -0000 1.4
+++ JetspeedLocalization_es.properties 25 Feb 2002 04:38:12 -0000 1.5
@@ -1,4 +1,4 @@
-# $Id: JetspeedLocalization_es.properties,v 1.4 2001/12/18 06:34:52 paulsp Exp $
+# $Id: JetspeedLocalization_es.properties,v 1.5 2002/02/25 04:38:12 taylor Exp $
#
LOCALIZATION_MAINTAINER=nacho@apache.org
@@ -43,6 +43,8 @@
EDITACCOUNT_TITLE=Editar datos de cuenta
EDITACCOUNT_USERNAMEMSG=Usuario:
HOME=Inicio
+
+JLOGINUSER_ACCOUNT_DISABLED=Su cuenta es temporalmente cerrada. Entre en contacto con por favor a su administrador.
JLOGINUSER_CONFIRMFIRST=Sorry, but you must first confirm this account before logging in.
JLOGINUSER_KEYNOTVALID=Sorry, the secret key that you entered is not valid.
1.6 +2 -0 jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_fr.properties
Index: JetspeedLocalization_fr.properties
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_fr.properties,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- JetspeedLocalization_fr.properties 17 Dec 2001 22:55:22 -0000 1.5
+++ JetspeedLocalization_fr.properties 25 Feb 2002 04:38:12 -0000 1.6
@@ -70,6 +70,8 @@
EDITACCOUNT_TITLE=Jetspeed - Modification de Compte
EDITACCOUNT_NOTLOGGEDIN=D�sol�, vous devez �tre identifi� afin d'acc�der � cet �cran.
+JLOGINUSER_ACCOUNT_DISABLED=Votre compte temporairement cl�ture. Contactez votre systeme administrateur s'il vous plait.
+
TOP_TITLE=Bienvenue sur Jetspeed
TOP_CREATENEWACCOUNT=Cr�er un nouveau compte
TOP_LOGINBTN=Identification
1.10 +18 -1 jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedSecurity.java
Index: JetspeedSecurity.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedSecurity.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- JetspeedSecurity.java 23 Feb 2002 23:10:16 -0000 1.9
+++ JetspeedSecurity.java 25 Feb 2002 04:38:13 -0000 1.10
@@ -75,7 +75,7 @@
*
* @see org.apache.jetspeed.services.security.JetspeedSecurityService
* @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
- * @version $Id: JetspeedSecurity.java,v 1.9 2002/02/23 23:10:16 taylor Exp $
+ * @version $Id: JetspeedSecurity.java,v 1.10 2002/02/25 04:38:13 taylor Exp $
*/
abstract public class JetspeedSecurity extends TurbineSecurity
@@ -198,5 +198,22 @@
{
return ((JetspeedSecurityService)getService()).convertPassword(password);
}
+
+ /**
+ * @see JetspeedSecurityService#disableUserCheck
+ */
+ public static boolean disableUserCheck(String username)
+ {
+ return ((JetspeedSecurityService)getService()).disableUserCheck(username);
+ }
+
+ /**
+ * @see JetspeedSecurityService#resetUserCheck
+ */
+ public static void resetUserCheck(String username)
+ {
+ ((JetspeedSecurityService)getService()).resetUserCheck(username);
+ }
+
}
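Review bot: The two new facade methods are documented only by an `@see` to `JetspeedSecurityService`, and the interface declarations added in this commit carry no Javadoc either, so the contract is written down nowhere. `disableUserCheck` in particular reads like a query, but per the DB implementation it records a failed logon and may persist the disabled flag. Suggested Javadoc on the interface methods: `Records a failed logon for username; returns true if the account is now disabled.` and `Clears the failed-logon counters for username.` `enableAccount` is added to the DB service but not to the interface or this facade; confirm that is intended.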
1.16 +86 -5 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java
Index: JetspeedDBSecurityService.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- JetspeedDBSecurityService.java 23 Feb 2002 23:10:16 -0000 1.15
+++ JetspeedDBSecurityService.java 25 Feb 2002 04:38:13 -0000 1.16
@@ -54,7 +54,9 @@
package org.apache.jetspeed.services.security;
+import java.util.HashMap;
import org.apache.jetspeed.services.JetspeedSecurity;
+import org.apache.jetspeed.om.security.JetspeedUser;
import org.apache.turbine.services.security.db.*;
import org.apache.jetspeed.portal.Portlet;
@@ -93,7 +95,7 @@
*
* @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
* @author <a href="mailto:sgala@hisitech.com">Santiago Gala</a>
- * @version $Id: JetspeedDBSecurityService.java,v 1.15 2002/02/23 23:10:16 taylor Exp $
+ * @version $Id: JetspeedDBSecurityService.java,v 1.16 2002/02/25 04:38:13 taylor Exp $
*/
@@ -104,6 +106,9 @@
private final static String CONFIG_CASEINSENSITIVE_USERNAME = "caseinsensitive.username";
private final static String CONFIG_CASEINSENSITIVE_PASSWORD = "caseinsensitive.password";
private final static String CONFIG_CASEINSENSITIVE_UPPER = "caseinsensitive.upper";
+ private final static String CONFIG_LOGON_STRIKE_COUNT = "logon.strike.count";
+ private final static String CONFIG_LOGON_STRIKE_MAX = "logon.strike.max";
+ private final static String CONFIG_LOGON_STRIKE_INTERVAL = "logon.strike.interval";
private final static String CONFIG_NEWUSER_ROLES = "newuser.roles";
private final static String CONFIG_DEFAULT_PERMISSION_LOGGEDIN = "permission.default.loggedin";
@@ -116,6 +121,11 @@
boolean caseInsensitiveUsername = false;
boolean caseInsensitivePassword = false;
boolean caseInsensitiveUpper = true;
+ int strikeCount = 3; // 3 within the interval
+ int strikeMax = 20; // 20 total failures
+ long strikeInterval = 300; // five minutes
+
+ private static HashMap users = new HashMap();
/**
* This is the early initialization method called by the
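Review bot: `users` is a static map that, in the code this commit adds, only ever gains entries: `disableUserCheck` and `resetUserCheck` store a `UserLogonStats` for every name they are given, whether or not such an account exists, and nothing removes one. Because the names come from the logon form, its size is bounded only by request volume; tracking only names that resolve to a real account, or evicting entries older than the strike interval, would cap it. The map is static while the three thresholds are per-instance, package-visible fields; `private final` on the map and `private` on the thresholds would be consistent. The interval's unit is only implied, so `long strikeInterval = 300; // seconds (five minutes)` is clearer.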
@@ -151,6 +161,10 @@
caseInsensitivePassword = serviceConf.getBoolean(CONFIG_CASEINSENSITIVE_PASSWORD, caseInsensitivePassword);
caseInsensitiveUpper = serviceConf.getBoolean(CONFIG_CASEINSENSITIVE_UPPER, caseInsensitiveUpper);
+ strikeCount = serviceConf.getInt(CONFIG_LOGON_STRIKE_COUNT, strikeCount);
+ strikeInterval = serviceConf.getLong(CONFIG_LOGON_STRIKE_INTERVAL, strikeInterval);
+ strikeMax = serviceConf.getInt(CONFIG_LOGON_STRIKE_MAX, strikeMax);
+
// initialization done
setInit(true);
}
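Review bot: The three strike settings are read without any range check, so a zero or negative `logon.strike.count` or `logon.strike.max` makes the `>=` comparisons in `UserLogonStats.failCheck` true on the first failure and locks every account after a single mistyped password. Clamp or reject such values after reading them, e.g. `if (strikeCount < 1) strikeCount = 1;` and likewise for `strikeMax`, and log the effective values once at startup. The init method starts outside the hunk.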
@@ -448,10 +462,9 @@
username = convertUserName(username);
password = convertPassword(password);
- User user = null;
-
// Authenticate the user and get the object.
- return super.getAuthenticatedUser( username, password );
+ JetspeedUser user = (JetspeedUser)super.getAuthenticatedUser( username, password );
+ return user;
}
public String convertUserName(String username)
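Review bot: The disabled flag is not consulted here: `getAuthenticatedUser` still returns any user whose password matches, and the only enforcement visible in this commit is in `JLoginUser`, after the Turbine action has already run. Any other caller of this method (none are visible on this page) would therefore still accept a disabled account. Checking `user.getDisabled()` at this point and failing the authentication would keep the rule in one place. As written, the new local `user` adds nothing over the previous direct `return`. The method starts outside the hunk.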
@@ -471,5 +484,73 @@
}
return password;
}
-
+
+ private static Object sem = new Object();
+
+ public boolean disableUserCheck(String username)
+ {
+ // TODO: make this work across a cluster of servers
+ UserLogonStats stat = (UserLogonStats)users.get(username);
+ if (stat == null)
+ {
+ stat = new UserLogonStats(username);
+ synchronized (sem)
+ {
+ users.put(username, stat);
+ }
+ }
+ boolean disabled = stat.failCheck(strikeCount, strikeInterval, strikeMax);
+
+ if (disabled)
+ {
+ try
+ {
+ // disable the account
+ JetspeedUser user = (JetspeedUser)JetspeedSecurity.getUser(username);
+ if (user != null)
+ {
+ user.setDisabled(true);
+ saveUser(user);
+ }
+ }
+ catch (Exception e)
+ {
+ Log.error("Could not disable user: " + username + e);
+ }
+ }
+ return disabled;
+ }
+
+ public void enableAccount(String username, boolean enable)
+ {
+ try
+ {
+ // disable the account
+ JetspeedUser user = (JetspeedUser)JetspeedSecurity.getUser(username);
+ if (user != null)
+ {
+ user.setDisabled(!enable);
+ saveUser(user);
+ }
+ }
+ catch (Exception e)
+ {
+ Log.error("Could not enable/disable user: " + username + e);
+ }
+ }
+
+ public void resetUserCheck(String username)
+ {
+ // TODO: make this work across a cluster of servers
+ UserLogonStats stat = (UserLogonStats)users.get(username);
+ if (stat == null)
+ {
+ stat = new UserLogonStats(username);
+ synchronized (sem)
+ {
+ users.put(username, stat);
+ }
+ }
+ stat.reset();
+ }
}
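Review bot: In `disableUserCheck` and `resetUserCheck` the `users.get(username)` lookup runs outside `synchronized (sem)`, so two requests for the same name can each create a `UserLogonStats` and one set of strikes is lost, and a plain `HashMap` is not safe to read while another thread writes to it. Both methods also key the map on the name as received, without the `convertUserName` normalisation applied at authentication, so with `caseinsensitive.username` enabled differently cased spellings of one account would get separate counters. A shared helper that normalises the key and does the get-or-create under the lock addresses both; the rewritten lines are below. Separately, both `Log.error` calls concatenate `username + e` with no separator, and the comment in `enableAccount` still says `// disable the account`.

```java
// … unchanged: sem declaration …

private UserLogonStats getLogonStats(String username)
{
    // same normalisation as getAuthenticatedUser, so one account has one counter
    String key = convertUserName(username);
    synchronized (sem)
    {
        UserLogonStats stat = (UserLogonStats)users.get(key);
        if (stat == null)
        {
            stat = new UserLogonStats(key);
            users.put(key, stat);
        }
        return stat;
    }
}

public boolean disableUserCheck(String username)
{
    UserLogonStats stat = getLogonStats(username);
    boolean disabled = stat.failCheck(strikeCount, strikeInterval, strikeMax);
    // … unchanged: persist the disabled flag when disabled is true …
    return disabled;
}

public void resetUserCheck(String username)
{
    getLogonStats(username).reset();
}
```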
1.7 +6 -1 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedSecurityService.java
Index: JetspeedSecurityService.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedSecurityService.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- JetspeedSecurityService.java 23 Feb 2002 23:10:16 -0000 1.6
+++ JetspeedSecurityService.java 25 Feb 2002 04:38:13 -0000 1.7
@@ -75,7 +75,7 @@
* for controlling access to portal resources (portlets, panes).
*
* @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
- * @version $Id: JetspeedSecurityService.java,v 1.6 2002/02/23 23:10:16 taylor Exp $
+ * @version $Id: JetspeedSecurityService.java,v 1.7 2002/02/25 04:38:13 taylor Exp $
*/
@@ -108,4 +108,9 @@
public String convertUserName(String username);
public String convertPassword(String password);
+
+ public boolean disableUserCheck(String username);
+
+ public void resetUserCheck(String username);
+
}
1.1 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/UserLogonStats.java
Index: UserLogonStats.java
===================================================================
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000-2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Jetspeed" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache" or
* "Apache Jetspeed", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.jetspeed.services.security;
import java.util.Date;
/**
* A User's statistics for logon attempts.
*
*
* @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
* @version $Id: UserLogonStats.java,v 1.1 2002/02/25 04:38:13 taylor Exp $
*/
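public class UserLogonStats
{
    // Failed logons counted in the current interval.
    private int failures = 0;
    // Failed logons counted across intervals; reset() leaves this untouched.
    private int total = 0;
    // Start of the current interval in epoch milliseconds; 0 until the first failure.
    private long firstLogon = 0;
    private final String username;
    // True once failCheck() has tripped either threshold; cleared by reset().
    private boolean disabled = false;
    // Guards every mutable field above.
    private final Object sem;

    /**
     * Creates empty statistics for one user.
     *
     * @param username the name these statistics belong to
     */
    UserLogonStats(String username)
    {
        this.username = username;
        sem = new Object();
    }

    /**
     * @return the number of failures counted in the current interval
     */
    public int getFailures()
    {
        // read under the same lock the writers use, so the value is never stale
        synchronized (sem)
        {
            return failures;
        }
    }

    /**
     * @return the number of failures counted across intervals
     */
    public int getTotalFailures()
    {
        synchronized (sem)
        {
            return total;
        }
    }

    /**
     * @return the start of the current interval, in epoch milliseconds,
     *         or 0 if no failure has been recorded yet
     */
    public long getFirstLogon()
    {
        synchronized (sem)
        {
            return firstLogon;
        }
    }

    /**
     * @return the name these statistics belong to
     */
    public String getUserName()
    {
        return username;
    }

    /**
     * Records one failed logon and reports whether the user is now disabled.
     *
     * @param allowed        failures within one interval that disable the user
     * @param secondsAllowed length of the interval, in seconds
     * @param max            failures across intervals that disable the user
     * @return true if the user is disabled, either already or by this failure
     */
    public boolean failCheck(int allowed, long secondsAllowed, int max)
    {
        synchronized (sem)
        {
            if (disabled)
            {
                return true;
            }

            failures = failures + 1;
            total = total + 1;
            long now = System.currentTimeMillis();

            if (total >= max)
            {
                // Start the overall count afresh once it has tripped. Otherwise,
                // after an administrator re-enables the account, the very next
                // failure would find total still at or above max and disable
                // the account again.
                total = 0;
                lock(now);
                return true;
            }

            if (firstLogon == 0)
            {
                firstLogon = now;
            }
            if (now - firstLogon > secondsAllowed * 1000)
            {
                // The interval has expired: this failure opens the next one and
                // counts as its first strike instead of being dropped.
                firstLogon = now;
                failures = 1;
            }

            if (failures >= allowed)
            {
                lock(now);
                return true;
            }
            return false;
        }
    }

    /**
     * Clears the per-interval failure count and the disabled flag and starts
     * a new interval. The count across intervals is not cleared.
     */
    public void reset()
    {
        synchronized (sem)
        {
            failures = 0;
            firstLogon = System.currentTimeMillis();
            disabled = false;
        }
    }

    // Marks the user disabled and restarts the interval; callers hold sem.
    private void lock(long now)
    {
        failures = 0;
        firstLogon = now;
        disabled = true;
    }
}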