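package org.opencms.db;

import org.opencms.file.CmsObject;
import org.opencms.main.OpenCms;
import org.opencms.security.CmsAuthentificationException;
import org.opencms.security.CmsRole;
import org.opencms.security.CmsRoleViolationException;
import org.opencms.security.Messages;

import java.util.Date;
import java.util.Hashtable;

/**
 * Tracks failed login attempts and temporarily rejects further logins once a
 * configured number of failures has been recorded, and holds an optional
 * login message that can forbid logins altogether.<p>
 *
 * Failures are counted per combination of user name, user type and remote
 * address (see {@link #createStorageKey(String, int, String)}), so attempts
 * against the same account from different addresses are counted separately.<p>
 *
 * Failure counters are read and modified only while holding the monitor of
 * {@link #m_storage}, so concurrent failed logins for the same key cannot
 * lose an increment.<p>
 *
 * NOTE(review): entries are only removed by
 * {@link #removeInvalidLogins(String, int, String)}; nothing in this class
 * expires or caps them, and the key is built from the user name and address
 * handed in by the caller. Consider bounding or periodically purging the
 * store if those values can be chosen freely by unauthenticated clients.<p>
 */
public class CmsLoginManager {

    /**
     * Failure counter and lock state for one storage key.<p>
     *
     * Instances are not synchronized themselves; the enclosing class guards
     * every access with the monitor of {@link CmsLoginManager#m_storage}.<p>
     */
    private class CmsUserData {

        /** Time stamp (milliseconds) at which the lock started, <code>0</code> means "not locked". */
        private long m_disableTimeStart;

        /** Number of failed logins recorded for this key. */
        private int m_invalidLoginCount;

        /**
         * Creates a new record for a key that has just had its first failed login.<p>
         *
         * The limit is evaluated right away, so a configured limit of 0 or 1
         * locks on the first failure instead of only on the second one.<p>
         */
        protected CmsUserData() {

            m_invalidLoginCount = 1;
            startLockIfLimitReached();
        }

        /**
         * Returns the number of failed logins recorded so far.<p>
         *
         * @return the number of failed logins recorded so far
         */
        protected Integer getInvalidLoginCount() {

            return new Integer(m_invalidLoginCount);
        }

        /**
         * Returns the date after which the lock is considered expired.<p>
         *
         * @return lock start plus the configured disable time plus one millisecond
         */
        protected Date getReleaseDate() {

            return new Date(m_disableTimeStart + m_disableMillis + 1);
        }

        /**
         * Records one more failed login and starts the lock when the limit is reached.<p>
         */
        protected void increaseInvalidLoginCount() {

            // saturate instead of wrapping to a negative count, which would drop below the limit
            if (m_invalidLoginCount < Integer.MAX_VALUE) {
                m_invalidLoginCount++;
            }
            startLockIfLimitReached();
        }

        /**
         * Tells whether the lock is currently active, clearing it first if the
         * disable time has elapsed.<p>
         *
         * The failure count is not reset when the lock expires, so the next
         * failure after expiry starts a new lock immediately.<p>
         *
         * @return <code>true</code> if logins for this key are currently rejected
         */
        protected boolean isDisabled() {

            if (m_disableTimeStart > 0) {
                long elapsed = System.currentTimeMillis() - m_disableTimeStart;
                if (elapsed > m_disableMillis) {
                    // the disable time is over, release the lock
                    m_disableTimeStart = 0;
                }
            }
            return m_disableTimeStart > 0;
        }

        /**
         * Starts the lock if the failure count has reached the limit and no lock is running yet.<p>
         */
        private void startLockIfLimitReached() {

            if ((m_invalidLoginCount >= m_maxBadAttempts) && (m_disableTimeStart == 0)) {
                m_disableTimeStart = System.currentTimeMillis();
            }
        }
    }

    /** Default for the disable time in minutes (not referenced inside this class). */
    public static final int DISABLE_MINUTES_DEFAULT = 15;

    /** Default for the number of bad attempts (not referenced inside this class). */
    public static final int MAX_BAD_ATTEMPTS_DEFAULT = 3;

    /** The disable time in milliseconds, derived from the minutes given to the constructor. */
    protected int m_disableMillis;

    /** The disable time in minutes as given to the constructor. */
    protected int m_disableMinutes;

    /** The failure limit; a negative value switches the failure tracking off. */
    protected int m_maxBadAttempts;

    /** Maps storage keys to {@link CmsUserData}; stays <code>null</code> when tracking is switched off. */
    protected Hashtable m_storage;

    /** The current login message, may be <code>null</code>. */
    private CmsLoginMessage m_loginMessage;

    /**
     * Creates a new login manager.<p>
     *
     * When <code>maxBadAttempts</code> is negative, failure tracking is
     * switched off: no storage is created and the disable time is left at 0.<p>
     *
     * @param disableMinutes the time a key stays locked after too many failures, in minutes
     * @param maxBadAttempts the number of failures that triggers the lock, negative to switch tracking off
     */
    public CmsLoginManager(int disableMinutes, int maxBadAttempts) {

        m_maxBadAttempts = maxBadAttempts;
        if (m_maxBadAttempts >= 0) {
            m_disableMinutes = disableMinutes;
            // compute in long and clamp: an int product wraps for large values and a wrapped,
            // negative disable time would make every lock expire immediately
            long millis = disableMinutes * 60L * 1000L;
            m_disableMillis = (int)Math.max(Integer.MIN_VALUE, Math.min(Integer.MAX_VALUE, millis));
            m_storage = new Hashtable();
        }
    }

    /**
     * Builds the storage key <code>userName_type_remoteAddress</code>.<p>
     *
     * @param userName the user name
     * @param type the user type
     * @param remoteAddress the remote address the login came from
     *
     * @return the storage key for the given combination
     */
    private static String createStorageKey(String userName, int type, String remoteAddress) {

        return userName + '_' + type + '_' + remoteAddress;
    }

    /**
     * Rejects the login attempt if the given combination is currently locked.<p>
     *
     * Does nothing when failure tracking is switched off.<p>
     *
     * @param userName the user name
     * @param type the user type
     * @param remoteAddress the remote address the login comes from
     *
     * @throws CmsAuthentificationException if the combination is currently locked
     */
    public void checkInvalidLogins(String userName, int type, String remoteAddress)
    throws CmsAuthentificationException {

        if (m_maxBadAttempts < 0) {
            // tracking is switched off
            return;
        }

        String key = createStorageKey(userName, type, remoteAddress);
        Date releaseDate;
        Integer invalidLoginCount;
        // take a consistent snapshot under the lock, build the exception outside of it
        synchronized (m_storage) {
            CmsUserData userData = (CmsUserData)m_storage.get(key);
            if ((userData == null) || !userData.isDisabled()) {
                return;
            }
            releaseDate = userData.getReleaseDate();
            invalidLoginCount = userData.getInvalidLoginCount();
        }
        throw new CmsAuthentificationException(Messages.get().container(
            Messages.ERR_LOGIN_FAILED_TEMP_DISABLED_5,
            new Object[] {userName, new Integer(type), remoteAddress, releaseDate, invalidLoginCount}));
    }

    /**
     * Rejects the login attempt if a login message is set that currently forbids logins.<p>
     *
     * @throws CmsAuthentificationException if the current login message forbids logins
     */
    public void checkLoginAllowed() throws CmsAuthentificationException {

        CmsLoginMessage message = m_loginMessage;
        if ((message != null) && message.isLoginCurrentlyForbidden()) {
            throw new CmsAuthentificationException(Messages.get().container(
                Messages.ERR_LOGIN_FAILED_WITH_MESSAGE_1,
                message.getMessage()));
        }
    }

    /**
     * Returns the disable time in minutes.<p>
     *
     * @return the disable time in minutes
     */
    public int getDisableMinutes() {

        return m_disableMinutes;
    }

    /**
     * Returns the current login message.<p>
     *
     * @return the current login message, or <code>null</code> if none is set
     */
    public CmsLoginMessage getLoginMessage() {

        return m_loginMessage;
    }

    /**
     * Returns the configured failure limit.<p>
     *
     * @return the configured failure limit, negative if tracking is switched off
     */
    public int getMaxBadAttempts() {

        return m_maxBadAttempts;
    }

    /**
     * Removes the current login message.<p>
     *
     * @param cms the context of the caller, must have the {@link CmsRole#ADMINISTRATOR} role
     *
     * @throws CmsRoleViolationException if the role check fails
     */
    public void removeLoginMessage(CmsObject cms) throws CmsRoleViolationException {

        cms.checkRole(CmsRole.ADMINISTRATOR);
        m_loginMessage = null;
    }

    /**
     * Sets the login message and freezes it.<p>
     *
     * The {@link CmsRole#ADMINISTRATOR} role is only checked once the run level
     * has reached {@link OpenCms#RUNLEVEL_3_SHELL_ACCESS}; below that the
     * message is accepted without a role check.<p>
     *
     * NOTE(review): presumably the unchecked path exists for setting the
     * message during startup - confirm that no other caller can reach this
     * method at a lower run level.<p>
     *
     * @param cms the context of the caller
     * @param message the message to set, may be <code>null</code>
     *
     * @throws CmsRoleViolationException if the role check fails
     */
    public void setLoginMessage(CmsObject cms, CmsLoginMessage message) throws CmsRoleViolationException {

        if (OpenCms.getRunLevel() >= OpenCms.RUNLEVEL_3_SHELL_ACCESS) {
            cms.checkRole(CmsRole.ADMINISTRATOR);
        }
        m_loginMessage = message;
        if (m_loginMessage != null) {
            m_loginMessage.setFrozen();
        }
    }

    /**
     * Records a failed login for the given combination.<p>
     *
     * Does nothing when failure tracking is switched off.<p>
     *
     * @param userName the user name
     * @param type the user type
     * @param remoteAddress the remote address the login came from
     */
    protected void addInvalidLogin(String userName, int type, String remoteAddress) {

        if (m_maxBadAttempts < 0) {
            // tracking is switched off
            return;
        }

        String key = createStorageKey(userName, type, remoteAddress);
        // lookup, increment and insert form one atomic step; without the lock two concurrent
        // failures could both miss the entry and one of them would be lost
        synchronized (m_storage) {
            CmsUserData userData = (CmsUserData)m_storage.get(key);
            if (userData == null) {
                m_storage.put(key, new CmsUserData());
            } else {
                userData.increaseInvalidLoginCount();
            }
        }
    }

    /**
     * Forgets all failed logins recorded for the given combination.<p>
     *
     * Does nothing when failure tracking is switched off.
     * NOTE(review): presumably called after a successful login - verify against the caller.<p>
     *
     * @param userName the user name
     * @param type the user type
     * @param remoteAddress the remote address the login came from
     */
    protected void removeInvalidLogins(String userName, int type, String remoteAddress) {

        if (m_maxBadAttempts < 0) {
            // tracking is switched off
            return;
        }

        m_storage.remove(createStorageKey(userName, type, remoteAddress));
    }
}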