public bool AllowRequest(ref SecurityIP ip, HttpContextBase context)
{
Logger.Debug(string.Format("{0} has {1} authentication exception events.", ip.IP, ip.AuthenticationExceptions.Count));
if (ip.AuthenticationExceptions.Count < Threshold)
{
return true;
}
ip.ResetAuthenticationEvents();
return false;
}
public void LogRequestException(SecurityIP ip, HttpContextBase context, string exceptionType, string eventName,
Severity severity, string additionalInfo)
{
var message = String.Format("REQUEST EXCEPTION;{0};{1};{2};{3};{4};{5}",
eventName,
context.Request.Url != null ? context.Request.Url.AbsolutePath : "",
SanitizeHttpMethod(context.Request.GetHttpMethodOverride()),
context.Request.UserHostAddress,
severity,
additionalInfo);
Log(message);
}
public void LogAuthenticationRequest(SecurityIP securityIp, string username, object passwordk, string ip,
string eventName, Severity severity, string additionalInfo)
{
var message = String.Format("AUTHENTICATION EXCEPTION;{0};{1};{2};{3};{4};",
eventName,
ip,
severity,
SanitizeHttpMethod(username),
additionalInfo
);
Log(message);
}
protected bool Equals(SecurityIP other)
{
return string.Equals(IP, other.IP);
}
private SecurityIP GetOrCreateSecurityIp(string ip)
{
if (securityIps.Any(x => x.IP.Equals(ip)))
{
return securityIps.First(x => x.IP.Equals(ip));
}
var securityIp = new SecurityIP(ip);
securityIps.Add(securityIp);
return securityIp;
}
