iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

prevent brute force improve

This commit is contained in:
DOHA 2015-12-12 13:19:57 +02:00
parent ffd0759d5a
commit 418be41d9c
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
spring-security-login-and-registration/src/main/java/org/baeldung/security/MyUserDetailsService.java
View File

@ -45,7 +45,7 @@ public class MyUserDetailsService implements UserDetailsService {
@Override @Override
public UserDetails loadUserByUsername(final String email) throws UsernameNotFoundException { public UserDetails loadUserByUsername(final String email) throws UsernameNotFoundException {
final String ip = request.getRemoteAddr(); final String ip = getClientIP();
if (loginAttemptService.isBlocked(ip)) { if (loginAttemptService.isBlocked(ip)) {
throw new RuntimeException("blocked"); throw new RuntimeException("blocked");
} }
@ -88,4 +88,10 @@ public class MyUserDetailsService implements UserDetailsService {
return authorities; return authorities;
} }
private String getClientIP() {
final String xfHeader = request.getHeader("X-Forwarded-For");
if (xfHeader == null)
return request.getRemoteAddr();
return xfHeader.split(",")[0];
}
} }