File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Servlets and the fly likes Login Tries Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Login Tries" Watch "Login Tries" New topic
Author

Login Tries

Farakh khan
Ranch Hand

Joined: Mar 22, 2008
Posts: 732
Respected Sir/Madam,

I have the following requirements:

1. System shall display Captcha after 3 failed login tries
2. System shall ban the IP for 24 hours after 9 failed tries

I am thinking to do in following steps:
1- put IP into session
2- count tries for that IP
3- when tries++=3 then show captcha
4- if tries++=9 then ban IP for 24 hours

I can do first 3 steps but how can I ban IP for 24 hours? may I insert into a db table or is there any other solution?

Best regards

Nicola Garofalo
Ranch Hand

Joined: Apr 10, 2010
Posts: 308
Yes, you could.

You could insert the time of the ninth login attempt in a db table.
Everytime the same ip tries to login, you compute the difference between the login time and the time you stored in your db table.
If this difference is 24 hours or more you allow the login.


Bye,
Nicola
Farakh khan
Ranch Hand

Joined: Mar 22, 2008
Posts: 732
Nicola Garofalo wrote:Yes, you could.

You could insert the time of the ninth login attempt in a db table.
Everytime the same ip tries to login, you compute the difference between the login time and the time you stored in your db table.
If this difference is 24 hours or more you allow the login.


Thanks a lot. Appreciated

Bet regards
Nicola Garofalo
Ranch Hand

Joined: Apr 10, 2010
Posts: 308
You are welcome Farakh, it's just an idea anyway.

I hope you will find other even more valuable and effective ideas.

If you encounter problems in the implementation, just post them here and we can comment them together.
Alpesh Padra
Ranch Hand

Joined: Jan 10, 2010
Posts: 41
You can use flat file instead of Database for better performance.

because for making DB connection and fire select statement performance hit for application.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61417
    
  67

"love java", please check your private messages for an important administrative matter.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Login Tries