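/// <summary>
/// Executes the named response action for a detected intrusion.
/// </summary>
/// <param name="action">Action name: "log", "disable" or "logout", matched without regard to case.</param>
/// <param name="ie">Intrusion exception that triggered the action.</param>
/// <remarks>
/// The supplied IntrusionException is thrown if the action is not known, so a
/// misspelled or unsupported action name surfaces as a failure instead of being
/// silently skipped.
/// </remarks>
internal void Execute(string action, IntrusionException ie)
{
    // Debug.Assert is compiled out of release builds; callers must still pass a non-null exception.
    Debug.Assert(ie != null);

    // Action names are fixed identifiers, not linguistic text. Compare them ordinally so the
    // match does not depend on the current culture: a culture-sensitive ignore-case compare can
    // fail to match "DISABLE" against "disable" under cultures with special casing rules for
    // 'i' (such as Turkish), which would turn a configured response into the unknown-action path.
    if (string.Equals(action, "log", System.StringComparison.OrdinalIgnoreCase))
    {
        Esapi.Logger.Fatal(LogEventTypes.SECURITY, ie.LogMessage);
    }
    else if (string.Equals(action, "disable", System.StringComparison.OrdinalIgnoreCase))
    {
        // Acts on the user returned by Membership.GetUser(); nothing is disabled when it returns null.
        MembershipUser user = Membership.GetUser();
        if (user != null)
        {
            user.IsApproved = false;
            Membership.UpdateUser(user);
        }
    }
    else if (string.Equals(action, "logout", System.StringComparison.OrdinalIgnoreCase))
    {
        FormsAuthentication.SignOut();
    }
    else
    {
        // Unknown action (including a null name): raise the caller's intrusion exception.
        throw ie;
    }
}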
/// <summary>
/// Logs the intrusion carried by the action arguments.
/// </summary>
/// <param name="args">Action arguments; a null value is ignored.</param>
/// <remarks>
/// Only a fault that is an IntrusionException is logged. Any other fault type,
/// or no fault at all, produces no log entry.
/// </remarks>
public void Execute(ActionArgs args)
{
    if (args != null)
    {
        IntrusionException fault = args.FaultException as IntrusionException;
        if (fault != null)
        {
            // Written at Fatal level under the SECURITY event type.
            Esapi.Logger.Fatal(LogEventTypes.SECURITY, fault.LogMessage);
        }
    }
}
/// <summary>
/// Handles a detected intrusion by running every action configured for the event.
/// </summary>
/// <param name="eventName">Name of the event whose threshold is looked up.</param>
/// <param name="e">Intrusion exception passed to each action.</param>
/// <remarks>
/// Throws ArgumentException when no threshold exists for <paramref name="eventName"/>.
/// Actions run in the order the threshold lists them, each preceded by a Fatal-level
/// SECURITY log entry. There is no try/catch around the action call, so an exception
/// raised by one action leaves the loop and the remaining actions are not run.
/// </remarks>
private void OnIntrusionDetected(string eventName, IntrusionException e)
{
    // Debug.Assert is compiled out of release builds; e is passed on to the actions unchecked.
    Debug.Assert(e != null);

    Threshold threshold = GetEventThreshold(eventName);
    if (threshold == null)
    {
        throw new ArgumentException(EM.IntrusionDetector_UnknownEventName, "eventName");
    }

    foreach (string actionName in threshold.Actions)
    {
        // Record which action is about to run before invoking it.
        string logLine = "INTRUSION - " + string.Format(
            EM.InstrusionDetector_ExceededQuota4,
            threshold.MaxOccurences,
            threshold.MaxTimeSpan,
            eventName,
            actionName);
        _logger.Fatal(LogEventTypes.SECURITY, logLine);

        _actionManager.Execute(actionName, e);
    }
}