Beispiel #1
0
  /**
   * Authenticate the user and returns a new client {@link Context} instance.
   *
   * @return client context
   * @throws LoginException login exception
   */
  public Context authenticate() throws LoginException {
    final byte[] address = token(req.getRemoteAddr());
    try {
      if (user == null || user.isEmpty() || pass == null || pass.isEmpty())
        throw new LoginException(NOPASSWD);
      final Context ctx = new Context(context(), null);
      ctx.user = ctx.users.get(user);
      if (ctx.user == null || !ctx.user.password.equals(md5(pass))) throw new LoginException();

      context.blocker.remove(address);
      return ctx;
    } catch (final LoginException ex) {
      // delay users with wrong passwords
      for (int d = context.blocker.delay(address); d > 0; d--) Performance.sleep(100);
      throw ex;
    }
  }
Beispiel #2
0
 /**
  * Returns a string with the remote user address.
  *
  * @return user address
  */
 private String address() {
   return req.getRemoteAddr() + ':' + req.getRemotePort();
 }