示例#1
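            /// <summary>
            /// Runs the intrusion-response action named by <paramref name="action"/>.
            /// </summary>
            /// <param name="action">Action name; "log", "disable" and "logout" are recognised, ignoring case</param>
            /// <param name="ie">Intrusion exception; its LogMessage is written by the "log" action</param>
            /// <remarks>
            /// The supplied IntrusionException is thrown if the action is not known.
            /// Action names are matched with an ordinal, culture-independent comparison so that
            /// recognition of a configured name does not depend on the thread culture
            /// (under Turkish casing rules "DISABLE" does not equal "disable").
            /// </remarks>
            internal void Execute(string action, IntrusionException ie)
            {
                // Debug.Assert is compiled out of release builds, so a null ie is not rejected there.
                Debug.Assert(ie != null);

                // Fully qualified so the block does not depend on a using directive for System.
                const System.StringComparison ignoreCase = System.StringComparison.OrdinalIgnoreCase;

                if (string.Equals(action, "log", ignoreCase))
                {
                    Esapi.Logger.Fatal(LogEventTypes.SECURITY, ie.LogMessage);
                }
                else if (string.Equals(action, "disable", ignoreCase))
                {
                    // The parameterless GetUser() resolves the currently logged-on membership user;
                    // nothing is disabled when it returns null.
                    MembershipUser user = Membership.GetUser();
                    if (user != null)
                    {
                        user.IsApproved = false;
                        Membership.UpdateUser(user);
                    }
                }
                else if (string.Equals(action, "logout", ignoreCase))
                {
                    // SignOut() removes the forms-authentication ticket from the browser only; the
                    // ticket itself is not invalidated server-side.
                    // NOTE(review): confirm whether the session should also be ended here.
                    FormsAuthentication.SignOut();
                }
                else
                {
                    // Unknown (or null) action: surface the intrusion exception to the caller.
                    // Throwing the passed-in object restarts its stack trace at this frame.
                    throw ie;
                }
            }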
示例#2
        /// <summary>
        /// Logs the intrusion carried by <paramref name="args"/> as a fatal security event.
        /// </summary>
        /// <param name="args">Action arguments; may be null, in which case nothing is done</param>
        /// <remarks>
        /// Nothing is logged when <c>args.FaultException</c> is not an IntrusionException.
        /// </remarks>
        public void Execute(ActionArgs args)
        {
            // No arguments, nothing to report.
            if (args == null)
            {
                return;
            }

            // Only intrusion exceptions are reported; any other fault is ignored here.
            IntrusionException detected = args.FaultException as IntrusionException;
            if (detected == null)
            {
                return;
            }

            Esapi.Logger.Fatal(LogEventTypes.SECURITY, detected.LogMessage);
        }
示例#3
        /// <summary>
        /// Handles a detected intrusion: looks up the threshold for the event and runs each of
        /// its actions in order, writing a fatal security log entry before each one.
        /// </summary>
        /// <param name="eventName">Name of the event whose threshold is looked up</param>
        /// <param name="e">Intrusion exception passed to every action</param>
        /// <exception cref="ArgumentException">No threshold is found for <paramref name="eventName"/></exception>
        private void OnIntrusionDetected(string eventName, IntrusionException e)
        {
            // Checked in debug builds only; Debug.Assert is compiled out of release builds.
            Debug.Assert(e != null);

            Threshold threshold = GetEventThreshold(eventName);
            if (threshold == null)
            {
                throw new ArgumentException(EM.IntrusionDetector_UnknownEventName, "eventName");
            }

            // An exception thrown by an action propagates out of this loop, so the actions listed
            // after it are not run.
            // NOTE(review): confirm that is intended when a later action is e.g. an account disable.
            foreach (string actionName in threshold.Actions)
            {
                // Record which action is about to run, then run it.
                // NOTE(review): eventName is placed in the log text as-is; confirm the logger
                // neutralises line breaks if event names can carry request data.
                string details = string.Format(EM.InstrusionDetector_ExceededQuota4, threshold.MaxOccurences, threshold.MaxTimeSpan, eventName, actionName);
                string logLine = "INTRUSION - " + details;
                _logger.Fatal(LogEventTypes.SECURITY, logLine);

                _actionManager.Execute(actionName, e);
            }
        }