Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

request timeout in jsp

 
vikhyath reddy
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hello everybody , i am trying to set a request time-out (so that unauthorized users are blocked from logging into another user's account after they fail some 5 times)... any ideas ?
 
Bauke Scholtz
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Request timeout? Don't you rather mean that you want to block login for a certain time?
 
vikhyath reddy
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes exactly ! thanks for your response ... so how do i go about it ?
 
Bauke Scholtz
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can't implement it in a hack-safe way.

Best what you can do is to for example set a cookie, or to check the user's IP address, or to set a toggle in the session, etcetera. But an experienced hacker can easily go around that.
 
vikhyath reddy
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thanks.. and what about denying all request for an amount of time instead of denying him forver ? how to implement that
 
Bauke Scholtz
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
With the cookie approach, just set the max age of the cookie. If the cookie isn't there anymore, then it has been expired. For the server side solutions, just store the current timestamp and compare against it in the subsequent requests.
 
Pixy
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Session seems to be a good idea over cookies, for blocking any user after certain number of attempts.
I am not sure about what backend you are using, but you could create a table to maintain the blocked status and its limit through your application or even property file would suffice,
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64833
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"Pixy", please check your private messages for an important administrative matter. Again.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic