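/// <summary>
/// Logs the exception and records it as a security event against the current user.
/// </summary>
/// <remarks>
/// The event name is the exception's full type name. If the user's event store raises an
/// <see cref="IntrusionException"/> (quota exceeded), every action configured on that event's
/// threshold is taken. IntrusionExceptions themselves are logged but never fed back into the store.
/// Parallels AddEvent, which records named events under the "event." prefix.
/// </remarks>
/// <param name="e">The exception to record; must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="e"/> is null.</exception>
public void AddException(Exception e)
        {
            if (e == null)
            {
                // Fail explicitly instead of surfacing a NullReferenceException from e.Message below.
                throw new ArgumentNullException("e");
            }

            // EnterpriseSecurityException carries a dedicated log message; anything else is logged by Message.
            EnterpriseSecurityException securityException = e as EnterpriseSecurityException;
            if (securityException != null)
            {
                IntrusionDetector.logger.LogWarning(ILogger_Fields.SECURITY, securityException.LogMessage, e);
            }
            else
            {
                IntrusionDetector.logger.LogWarning(ILogger_Fields.SECURITY, e.Message, e);
            }

            // NOTE(review): GetCurrentUser() may return null for an anonymous caller, in which case
            // AddSecurityEvent below would throw - confirm against the Authenticator implementation.
            User   currentUser = (User)Owasp.Esapi.Esapi.Authenticator().GetCurrentUser();
            string eventName   = e.GetType().FullName;

            // An IntrusionException is the detector's own output: it has been logged above but is not
            // counted as a new event, otherwise a threshold breach would feed itself.
            if (e is IntrusionException)
            {
                return;
            }

            try
            {
                currentUser.AddSecurityEvent(eventName);
            }
            catch (IntrusionException)
            {
                // The user's store signalled a threshold breach: run every action configured for this event.
                Threshold quota = Owasp.Esapi.Esapi.SecurityConfiguration().GetQuota(eventName);

                // The message is identical for every action, so build it once rather than per iteration.
                // NOTE(review): if Actions is a plain collection type, ToString() yields the type name rather
                // than the action list - confirm what Threshold.Actions is.
                string message = "User exceeded quota of " + quota.Count + " per " + quota.Interval + " seconds for event " + eventName + ". Taking actions " + quota.Actions.ToString();

                foreach (string action in (IEnumerable)quota.Actions)
                {
                    this.TakeSecurityAction(action, message);
                }
            }
        }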
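        /// <summary>
        /// Logs a named security event and records it against the current user.
        /// </summary>
        /// <remarks>
        /// The event is stored and looked up under the key "event." + eventName. If the user's event
        /// store raises an <see cref="IntrusionException"/> (quota exceeded), every action configured
        /// on that key's threshold is taken.
        /// </remarks>
        /// <param name="eventName">The event name to record. It is written verbatim into the security log.</param>
        public virtual void AddEvent(string eventName)
        {
            // NOTE(review): eventName is caller-supplied and goes straight into the log line; this relies
            // on the logger to neutralise line breaks and control characters - confirm.
            IntrusionDetector.logger.LogWarning(ILogger_Fields.SECURITY, "Security event " + eventName + " received");

            // NOTE(review): GetCurrentUser() may return null for an anonymous caller, in which case
            // AddSecurityEvent below would throw - confirm against the Authenticator implementation.
            User   currentUser = (User)Owasp.Esapi.Esapi.Authenticator().GetCurrentUser();
            string eventKey    = "event." + eventName;

            try
            {
                currentUser.AddSecurityEvent(eventKey);
            }
            catch (IntrusionException)
            {
                // The user's store signalled a threshold breach: run every action configured for this key.
                Threshold quota = Owasp.Esapi.Esapi.SecurityConfiguration().GetQuota(eventKey);

                // The message is identical for every action, so build it once rather than per iteration.
                // NOTE(review): if Actions is a plain collection type, ToString() yields the type name rather
                // than the action list - confirm what Threshold.Actions is.
                string message = "User exceeded quota of " + quota.Count + " per " + quota.Interval + " seconds for event " + eventName + ". Taking actions " + quota.Actions.ToString();

                foreach (string action in (IEnumerable)quota.Actions)
                {
                    this.TakeSecurityAction(action, message);
                }
            }
        }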
        // FIXME: ENHANCE consider allowing both per-user and per-application quotas
        // e.g. number of failed logins per hour is a per-application quota


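        /// <summary> This implementation uses an exception store in each User object to track
        /// exceptions. The exception is logged, then recorded against the current user under its
        /// full type name; if the user's store signals a quota breach with an
        /// <see cref="IntrusionException"/>, every action configured on that event's threshold is taken.
        /// IntrusionExceptions themselves are logged but never fed back into the store.
        /// </summary>
        /// <param name="e">The exception to add; must not be null.
        /// </param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="e"/> is null.
        /// </exception>
        /// <seealso cref="Owasp.Esapi.Interfaces.IIntrusionDetector.AddException(Exception)">
        /// </seealso>
        public void AddException(Exception e)
        {
            if (e == null)
            {
                // Fail explicitly instead of surfacing a NullReferenceException from e.Message below.
                throw new ArgumentNullException("e");
            }

            // EnterpriseSecurityException carries a dedicated log message; anything else is logged by Message.
            EnterpriseSecurityException securityException = e as EnterpriseSecurityException;
            if (securityException != null)
            {
                logger.LogWarning(ILogger_Fields.SECURITY, securityException.LogMessage, e);
            }
            else
            {
                logger.LogWarning(ILogger_Fields.SECURITY, e.Message, e);
            }

            // add the exception to the current user, which may trigger a detector
            // NOTE(review): GetCurrentUser() may return null for an anonymous caller, in which case
            // AddSecurityEvent below would throw - confirm against the Authenticator implementation.
            User   user      = (User)Esapi.Authenticator().GetCurrentUser();
            string eventName = e.GetType().FullName;

            // FIXME: AAA Rethink this - IntrusionExceptions which shouldn't get added to the IntrusionDetector
            // (they are the detector's own output; counting them would let a threshold breach feed itself)
            if (e is IntrusionException)
            {
                return;
            }

            // add the exception to the user's store, handle IntrusionException if thrown
            try
            {
                user.AddSecurityEvent(eventName);
            }
            catch (IntrusionException)
            {
                Threshold quota = Esapi.SecurityConfiguration().GetQuota(eventName);

                // The message is identical for every action, so build it once rather than per iteration.
                // NOTE(review): if Actions is a plain collection type, ToString() yields the type name rather
                // than the action list - confirm what Threshold.Actions is.
                string message = "User exceeded quota of " + quota.Count + " per " + quota.Interval + " seconds for event " + eventName + ". Taking actions " + quota.Actions.ToString();

                foreach (string action in quota.Actions)
                {
                    TakeSecurityAction(action, message);
                }
            }
        }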
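        /// <summary> Adds the event to the IntrusionDetector.
        /// The event is logged, then recorded against the current user under the key
        /// "event." + eventName; if the user's store signals a quota breach with an
        /// <see cref="IntrusionException"/>, every action configured on that key's threshold is taken.
        /// </summary>
        /// <param name="eventName">The event to add. It is written verbatim into the security log.
        /// </param>
        /// <seealso cref="Owasp.Esapi.Interfaces.IIntrusionDetector.AddEvent(string)">
        /// </seealso>
        public virtual void AddEvent(string eventName)
        {
            // NOTE(review): eventName is caller-supplied and goes straight into the log line; this relies
            // on the logger to neutralise line breaks and control characters - confirm.
            logger.LogWarning(ILogger_Fields.SECURITY, "Security event " + eventName + " received");

            // add the event to the current user, which may trigger a detector
            // NOTE(review): GetCurrentUser() may return null for an anonymous caller, in which case
            // AddSecurityEvent below would throw - confirm against the Authenticator implementation.
            User   user     = (User)Esapi.Authenticator().GetCurrentUser();
            string eventKey = "event." + eventName;

            try
            {
                user.AddSecurityEvent(eventKey);
            }
            catch (IntrusionException)
            {
                Threshold quota = Esapi.SecurityConfiguration().GetQuota(eventKey);

                // The message is identical for every action, so build it once rather than per iteration.
                // NOTE(review): if Actions is a plain collection type, ToString() yields the type name rather
                // than the action list - confirm what Threshold.Actions is.
                string message = "User exceeded quota of " + quota.Count + " per " + quota.Interval + " seconds for event " + eventName + ". Taking actions " + quota.Actions.ToString();

                foreach (string action in quota.Actions)
                {
                    TakeSecurityAction(action, message);
                }
            }
        }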