/**
 * Looks up the brute force prevention settings held by the security manager's current
 * configuration.
 *
 * @return the configured settings, or {@code BruteForcePreventionConfig.DEFAULT} when the
 *     security configuration carries none
 */
private BruteForcePreventionConfig getConfig() {
    final BruteForcePreventionConfig configured =
            securityManager.getSecurityConfig().getBruteForcePrevention();
    // NOTE(review): DEFAULT is handed out by reference and its contents are not visible here.
    // Confirm that it keeps the protection in the intended state and that no caller mutates it.
    return configured != null ? configured : BruteForcePreventionConfig.DEFAULT;
}
/**
 * Copy constructor: initialises this configuration from the values of {@code config}.
 *
 * <p>The auth provider name list, the filter chain, the remember-me settings and the brute force
 * prevention settings are placed in newly created objects. The role service name, the
 * URL-parameter encryption flag and the config password encrypter name are assigned directly.
 *
 * @param config the configuration to copy from
 */
public SecurityManagerConfig(SecurityManagerConfig config) {
    this.roleServiceName = config.getRoleServiceName();

    // A missing provider list stays null; otherwise the new instance gets its own list.
    if (config.getAuthProviderNames() == null) {
        this.authProviderNames = null;
    } else {
        this.authProviderNames = new ArrayList<String>(config.getAuthProviderNames());
    }

    // Same rule for the filter chain: null stays null, otherwise use the chain's copy constructor.
    if (config.getFilterChain() == null) {
        this.filterChain = null;
    } else {
        this.filterChain = new GeoServerSecurityFilterChain(config.getFilterChain());
    }

    // NOTE(review): unlike the two fields above, the nested configs below go to their copy
    // constructors without a null check. Confirm those constructors accept null, or that
    // these getters can never return null for a loaded configuration.
    this.rememberMeService = new RememberMeServicesConfig(config.getRememberMeService());
    this.bruteForcePrevention =
            new BruteForcePreventionConfig(config.getBruteForcePrevention());

    this.encryptingUrlParams = config.isEncryptingUrlParams();
    this.configPasswordEncrypterName = config.getConfigPasswordEncrypterName();

    // The master password URL and strategy are not copied here; the original assignments
    // (masterPasswordURL, masterPasswordStrategy) were left commented out.
}
/**
 * Lowers the limit of blocked threads to one, saves the configuration, and then runs the
 * parallel login helper with a distinct user name per attempt.
 *
 * <p>The string passed to {@code testParallelLogin} is presumably the expected failure
 * message once the wait list is full; confirm against that helper.
 */
@Test
public void testTooManyBlockedThreads() throws Exception {
    GeoServerSecurityManager gsManager =
            applicationContext.getBean(GeoServerSecurityManager.class);
    final SecurityManagerConfig currentConfig = gsManager.getSecurityConfig();

    // Only a single thread may sit in the wait list.
    currentConfig.getBruteForcePrevention().setMaxBlockedThreads(1);
    gsManager.saveSecurityConfig(currentConfig);

    // Every attempt uses a different user name: foo0, foo1, ...
    testParallelLogin("Too many failed logins waiting on delay", attempt -> "foo" + attempt);
}
/**
 * Restores a known brute force prevention setup before each test: protection enabled, a fixed
 * one-second delay, up to 100 blocked threads and an empty whitelist.
 */
@Before
public void resetBruteForceAttackConfig() throws Exception {
    GeoServerSecurityManager gsManager =
            applicationContext.getBean(GeoServerSecurityManager.class);
    final SecurityManagerConfig currentConfig = gsManager.getSecurityConfig();
    BruteForcePreventionConfig prevention = currentConfig.getBruteForcePrevention();

    prevention.setEnabled(true);
    // Min and max are both one second, which gives a fixed delay.
    prevention.setMinDelaySeconds(1);
    prevention.setMaxDelaySeconds(1);
    prevention.setMaxBlockedThreads(100);
    // Empty whitelist: presumably no client address is exempt from the delay in these tests.
    prevention.setWhitelistedMasks(Collections.emptyList());

    gsManager.saveSecurityConfig(currentConfig);
}