
package se.wfh.libs.common.web.ejb;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import javax.ejb.EJB;
import javax.ejb.Singleton;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import se.wfh.libs.common.web.ConfigFields;
import se.wfh.libs.common.web.ejb.interfaces.BruteforceBean;
import se.wfh.libs.common.web.ejb.interfaces.ConfigBean;
import se.wfh.libs.common.web.ejb.interfaces.DateBean;
import se.wfh.libs.common.web.exceptions.ValidationException;
import se.wfh.libs.common.web.util.ApplicationHelper;
import se.wfh.libs.common.web.util.FacesTools;
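/**
 * In-memory login throttle: counts failed logins per client address and
 * places a temporary ban on an address once the configured number of tries
 * is used up.
 *
 * <p>All state lives in two plain {@link HashMap}s inside this singleton.
 * No lock annotations are declared here, so the class relies on the
 * container's default handling of a {@code @Singleton} bean; confirm that
 * before switching the bean to bean-managed concurrency.
 *
 * <p>NOTE(review): entries are only ever removed by {@link #removeBan(String)}.
 * Expired bans and the per-address attempt lists otherwise stay in memory, and
 * old failures never age out, so the maps grow with the number of distinct
 * addresses seen. A time window / eviction policy needs a configuration value
 * that is not visible in this file.
 */
@EJB(name = "BruteforceEJB", beanInterface = BruteforceBean.class)
@Singleton
public class BruteforceEJB implements BruteforceBean {
  private static final long serialVersionUID = 1L;

  private static final Logger LOGGER = LoggerFactory
      .getLogger(BruteforceEJB.class);

  /**
   * Timestamps of failed logins, keyed by client address. A list is used on
   * purpose: a sorted set of {@link Date}s silently drops a second failure
   * recorded in the same millisecond, which under-counts rapid attempts.
   */
  private final Map<String, List<Date>> falseLogins;

  /** End of the current (or a past) ban, keyed by client address. */
  private final Map<String, Date> bans;

  @EJB
  private ConfigBean configBean;

  @EJB
  private DateBean dateBean;

  /** Creates the bean with empty attempt and ban tables. */
  public BruteforceEJB() {
    falseLogins = new HashMap<>();
    bans = new HashMap<>();
  }

  /**
   * Rejects the current request if its client address is banned.
   *
   * @throws ValidationException carrying the user-facing ban message when the
   *         address of the current request is banned
   */
  @Override
  public void checkBanned() throws ValidationException {
    // NOTE(review): the throttle is only as trustworthy as this address. If
    // ApplicationHelper.getIp honours client-supplied forwarding headers, a
    // client can choose its own key (and the value also ends up in the log
    // line below) - confirm it only trusts headers set by a known proxy.
    String ipAddr = ApplicationHelper.getIp(FacesTools.getRequest());

    if (isBanned(ipAddr)) {
      Date till = getBannedTill(ipAddr);
      LOGGER.warn("User banned due to too many tries: {}", ipAddr);
      throw new ValidationException(getMessageAccessBan(till));
    }
  }

  /**
   * Returns the stored ban end for an address.
   *
   * @param ipaddr client address used as lookup key
   * @return the recorded ban end, which may already lie in the past, or
   *         {@code null} if no ban was ever recorded for the address
   */
  @Override
  public Date getBannedTill(final String ipaddr) {
    return bans.get(ipaddr);
  }

  /**
   * Builds the (German) user-facing ban message, roughly: "Your IP has been
   * blocked until ... because of too many access attempts!".
   *
   * @param till end of the ban, formatted through the date bean
   * @return the message text
   */
  @Override
  public String getMessageAccessBan(final Date till) {
    return "Deine IP wurde wegen zu vielen Zugriffsversuchen bis "
        + dateBean.toDisplayString(till) + " gesperrt!";
  }

  /**
   * Reports how many failed logins an address may still make before a ban.
   *
   * @param ipaddr client address used as lookup key
   * @return {@code 0} while the address is banned, otherwise the configured
   *         limit minus the recorded failures, never less than {@code 0}
   */
  @Override
  public int getTriesRemaining(final String ipaddr) {
    int limit = maxTries();
    if (isBanned(ipaddr)) {
      return 0;
    }

    List<Date> tries = falseLogins.get(ipaddr);
    int used = (tries == null) ? 0 : tries.size();
    // Clamp: the recorded count can exceed the limit if the limit is lowered
    // at runtime, and callers should never see a negative remainder.
    return Math.max(0, limit - used);
  }

  /**
   * Records one failed login for an address and bans the address once the
   * configured limit is reached.
   *
   * <p>The limit is checked on every call, including the first failure of an
   * address, so the ban always starts exactly when
   * {@link #getTriesRemaining(String)} reaches {@code 0}.
   *
   * @param ipaddr client address the failed login came from
   */
  @Override
  public void increment(final String ipaddr) {
    List<Date> tries = falseLogins.get(ipaddr);
    if (tries == null) {
      tries = new ArrayList<>();
      falseLogins.put(ipaddr, tries);
    }
    tries.add(new Date());

    if (tries.size() >= maxTries()) {
      // The configured ban time is added to a millisecond clock value.
      long banMillis = configBean.getInt(ConfigFields.SECURITY_LOGIN_BANTIME,
          ConfigFields.SECURITY_LOGIN_BANTIME_DEFVAL);
      Date till = new Date(System.currentTimeMillis() + banMillis);
      // Counting starts over once the ban has been placed.
      tries.clear();
      bans.put(ipaddr, till);
    }

    LOGGER.warn("Unsuccessfull login try from {}.", ipaddr);
  }

  /**
   * Tells whether an address is currently banned.
   *
   * @param ipaddr client address used as lookup key
   * @return {@code true} if a ban is recorded and its end lies in the future
   */
  @Override
  public boolean isBanned(final String ipaddr) {
    Date till = bans.get(ipaddr);
    return till != null && till.after(new Date());
  }

  /**
   * Lifts any ban on an address and forgets its recorded failed logins.
   *
   * @param ipaddr client address to clear
   */
  @Override
  public void removeBan(final String ipaddr) {
    bans.remove(ipaddr);
    falseLogins.remove(ipaddr);
  }

  /** Reads the configured number of failed logins allowed before a ban. */
  private int maxTries() {
    return configBean.getInt(ConfigFields.SECURITY_LOGIN_TRIES,
        ConfigFields.SECURITY_LOGIN_TRIES_DEFVAL);
  }
}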