Package org.keycloak.services.managers

Class DefaultBruteForceProtector

java.lang.Object

org.keycloak.services.managers.DefaultBruteForceProtector

All Implemented Interfaces:

Runnable, Provider, BruteForceProtector

public class DefaultBruteForceProtector
extends Object
implements Runnable, BruteForceProtector

A single thread will log failures. This is so that we can avoid concurrent writes as we want an accurate failure count

Version:

$Revision: 1 $

Author:

Bill Burke

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
protected class	DefaultBruteForceProtector.FailedLogin
protected class	DefaultBruteForceProtector.LoginEvent
protected class	DefaultBruteForceProtector.ShutdownEvent
protected class	DefaultBruteForceProtector.SuccessfulLogin

Field Summary

Fields

Modifier and Type	Field	Description
protected KeycloakSessionFactory	factory
protected long	failures
protected long	lastFailure
protected int	maxDeltaTimeSeconds
protected LinkedBlockingQueue<DefaultBruteForceProtector.LoginEvent>	queue
protected boolean	run
protected CountDownLatch	shutdownLatch
protected long	totalTime
static final int	TRANSACTION_SIZE

Fields inherited from interface org.keycloak.services.managers.BruteForceProtector

DISABLED_BY_PERMANENT_LOCKOUT

Constructor Summary

Constructors

Constructor	Description
DefaultBruteForceProtector(KeycloakSessionFactory factory)

Method Summary

Modifier and Type	Method	Description
void	cleanUpPermanentLockout(KeycloakSession session, RealmModel realm, UserModel user)	Clears any remaining traces of the permanent lockout.
void	close()
void	failedLogin(RealmModel realm, UserModel user, ClientConnection clientConnection)
protected void	failure(KeycloakSession session, DefaultBruteForceProtector.LoginEvent event)
protected RealmModel	getRealmModel(KeycloakSession session, DefaultBruteForceProtector.LoginEvent event)
protected UserLoginFailureModel	getUserModel(KeycloakSession session, DefaultBruteForceProtector.LoginEvent event)
boolean	isPermanentlyLockedOut(KeycloakSession session, RealmModel realm, UserModel user)
boolean	isTemporarilyDisabled(KeycloakSession session, RealmModel realm, UserModel user)
protected void	logFailure(DefaultBruteForceProtector.LoginEvent event)
void	run()
void	shutdown()
void	start()
protected void	success(KeycloakSession session, DefaultBruteForceProtector.LoginEvent event)
void	successfulLogin(RealmModel realm, UserModel user, ClientConnection clientConnection)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

run

protected volatile boolean run

maxDeltaTimeSeconds

protected int maxDeltaTimeSeconds

factory

protected KeycloakSessionFactory factory

shutdownLatch

protected CountDownLatch shutdownLatch

failures

protected volatile long failures

lastFailure

protected volatile long lastFailure

totalTime

protected volatile long totalTime

queue

protected LinkedBlockingQueue<DefaultBruteForceProtector.LoginEvent> queue

TRANSACTION_SIZE

public static final int TRANSACTION_SIZE

See Also:

• Constant Field Values

Constructor Details

DefaultBruteForceProtector

public DefaultBruteForceProtector(KeycloakSessionFactory factory)

Method Details

failure

protected void failure(KeycloakSession session,
 DefaultBruteForceProtector.LoginEvent event)

getUserModel

protected UserLoginFailureModel getUserModel(KeycloakSession session,
 DefaultBruteForceProtector.LoginEvent event)

getRealmModel

protected RealmModel getRealmModel(KeycloakSession session,
 DefaultBruteForceProtector.LoginEvent event)

start

public void start()

shutdown

public void shutdown()

run

public void run()

Specified by:

run in interface Runnable

success

protected void success(KeycloakSession session,
 DefaultBruteForceProtector.LoginEvent event)

logFailure

protected void logFailure(DefaultBruteForceProtector.LoginEvent event)

failedLogin

public void failedLogin(RealmModel realm,
 UserModel user,
 ClientConnection clientConnection)

Specified by:

failedLogin in interface BruteForceProtector

successfulLogin

public void successfulLogin(RealmModel realm,
 UserModel user,
 ClientConnection clientConnection)

Specified by:

successfulLogin in interface BruteForceProtector

isTemporarilyDisabled

public boolean isTemporarilyDisabled(KeycloakSession session,
 RealmModel realm,
 UserModel user)

Specified by:

isTemporarilyDisabled in interface BruteForceProtector

isPermanentlyLockedOut

public boolean isPermanentlyLockedOut(KeycloakSession session,
 RealmModel realm,
 UserModel user)

Specified by:

isPermanentlyLockedOut in interface BruteForceProtector

cleanUpPermanentLockout

public void cleanUpPermanentLockout(KeycloakSession session,
 RealmModel realm,
 UserModel user)

Description copied from interface: BruteForceProtector

Clears any remaining traces of the permanent lockout. Does not enable the user as such!

Specified by:

cleanUpPermanentLockout in interface BruteForceProtector

close

public void close()

Specified by:

close in interface Provider