Giter Club home page Giter Club logo

page_securitycar's Introduction

page_securitycar

This page is an administrative page to manage users, and detect attack on user. An attack is define by a number of tentative to access an user account. After X tentative, the user account is disabled for security reason.

Administrator can see:

  • the last attack on user
  • see who are currently connected
  • can manage user privilege, like enable/disable an user, reset the password.

How to Install the function?

The function is compose by a custom page and filters.

  1. Install filters Stop the Bonita Engine Copy the library SecurityCar-Filter.jar under the web application library (/webapps/bonita/WEB-INF/lib for Tomcat for example)

    Modify the web.xml, add these three component:

    SecurityCarFilter org.bonitasoft.securitycar.server.SecurityCarFilter SecurityCarFilter /portal/* /bonita/* org.bonitasoft.securitycar.server.SecurityCarListenerSession

  2. Download the page, and install it in a Profile or an Application.

page_securitycar's People

Contributors

benjaminparisel avatar pierre-yves-monnet avatar vhemery avatar

Stargazers

avatar avatar

Watchers

avatar avatar avatar

Forkers

vhemery

page_securitycar's Issues

Error when post values in parameters page

Hello PY,

If i want to put a number of tentatives before block but no change password on every..., i've got this error :

Error: "securitycar:Actions Exception [groovy.lang.MissingMethodException: No signature of method: org.bonitasoft.securitycar.SecurityCarAPI.saveParameters() is applicable for argument types: (org.bonitasoft.securitycar.SecurityCarAPI$SecurityParameter) values: [org.bonitasoft.securitycar.SecurityCarAPI$SecurityParameter@2ea0ec9]] at groovy.lang.MissingMethodException: No signature of method: org.bonitasoft.securitycar.SecurityCarAPI.saveParameters() is applicable for argument types: (org.bonitasoft.securitycar.SecurityCarAPI$SecurityParameter) values: [org.bonitasoft.securitycar.SecurityCarAPI$SecurityParameter@2ea0ec9] at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.unwrap(ScriptBytecodeAdapter.java:71) at org.codehaus.groovy.runtime.callsite.PojoMetaClassSite.call(PojoMetaClassSite.java:48) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:128) at Actions.doAction(Actions.groovy:110) at Actions$doAction.call(Unknown Source) at Index.doGet(Index.groovy:83) at org.bonitasoft.console.common.server.page.PageRenderer.displayGroovyPage(PageRenderer.java:132) at org.bonitasoft.console.common.server.page.PageRenderer.displayCustomPage(PageRenderer.java:81) at org.bonitasoft.console.common.server.page.PageRenderer.displayCustomPage(PageRenderer.java:60) at org.bonitasoft.console.common.server.page.CustomPageServlet.doGet(CustomPageServlet.java:85) at javax.servlet.http.HttpServlet.service(HttpServlet.java:634) at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.bonitasoft.securitycar.server.SecurityCarFilter.doFilter(SecurityCarFilter.java:71) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:394) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.bonitasoft.console.common.server.filter.CacheFilter.proceedWithFiltering(CacheFilter.java:74) at org.bonitasoft.console.common.server.filter.ExcludingPatternFilter.doFilter(ExcludingPatternFilter.java:37) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.bonitasoft.console.common.server.login.filter.AuthenticationRule.proceedWithRequest(AuthenticationRule.java:53) at org.bonitasoft.console.common.server.login.filter.AuthenticationFilter.isAuthorized(AuthenticationFilter.java:120) at org.bonitasoft.console.common.server.login.filter.AuthenticationFilter.doAuthenticationFiltering(AuthenticationFilter.java:95) at org.bonitasoft.console.common.server.login.filter.AuthenticationFilter.proceedWithFiltering(AuthenticationFilter.java:82) at org.bonitasoft.console.common.server.filter.ExcludingPatternFilter.doFilter(ExcludingPatternFilter.java:37) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:528) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) at org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:476) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:810) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:834) "

Are both values mandatory ?

Thanks

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.