尝试失败后尝试显示登录尝试和用户锁定消息
[英]Trying to display login attempts and user lockout message after failed attempts
问题描述
I am working on a login page for an FTP site. 
我正在使用FTP站点的登录页面。 It runs off a Tomcat 8 server and is configured to lockout users after 3 failed attempts for 15 minutes. 它在Tomcat 8服务器上运行,并配置为在3次失败的尝试后15分钟内锁定用户。 I would like to display a message on the login page after the user has been locked out. 用户被锁定后,我想在登录页面上显示一条消息。 The problem is when there is a failed login the page refreshes (redirects back to login page) which clears everything. 问题是当登录失败时,页面刷新(重定向回登录页面),这将清除所有内容。
I did managed to get a login attempts remaining error message, however, it doesn't work 100% because i just save it to a cookie and its not connected to the user account at all. 我确实设法获得了登录尝试剩余的错误消息,但是,它无法100%正常工作,因为我只是将其保存到Cookie中,并且根本没有连接到用户帐户。 Is there anyway to get username (who's logging in) and their login attempts and/or if they are locked out? 无论如何,是否有获取用户名(谁已登录)及其登录尝试和/或是否被锁定的信息?
So I want to display 2 things: 所以我想显示两件事:
- Login attempts remaining per user 每个用户剩余的登录尝试次数
- User is locked out, with username 用户被锁定,使用用户名
Login page: 登录页面:
<%@page import="org.apache.catalina.User"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="<%=request.getContextPath()%>/css/master.css">
<script type="text/javascript" src="<%=request.getContextPath()%>/javascript/javascript.js"></script>
</head>
<body bgcolor="#ffffff">
<div class="container" role="main">
<form method="POST" action="j_security_check">
<table border="0" align="center">
<tr>
<td>Login</td>
<td><input id="user" type="text" name="j_username" autocomplete="off"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="j_password" autocomplete="off"></td>
</tr>
</table>
<%
User user = (User) request.getSession().getAttribute("user");
System.out.println("User: " + user);
if (request.getParameter("error") != null) {
System.out.println("Error: " + request.getParameter("error"));
%>
<div id="errorLogin">Invalid username or password</div>
<br/>
<div><span id="loginAttempt"><script>loginAttempts("<%=user%>");</script></span></div>
<%
}
%>
<input type="submit" value="Login">
</form>
</div>
<% response.setHeader("Cache-Control", "no-cache"); // HTTP 1.1
response.setHeader("Cache-Control", "no-store");
response.setHeader("Pragma", "no-cache"); // HTTP 1.0
response.setHeader("Expires", "0"); // Prevents cache at proxy server
%>
</body>
</html>
javascipt.js javascipt.js
var loginattempts = null;
var temp;
function loginAttempts(user) {
//var user = document.getElementById('user').value;
var div = document.getElementById('loginAttempt');
var msg = "Warning: Login attempts remaining: ";
loginattempts = getCookie("login");
if (loginattempts === "" || loginattempts === null) {
createCookie("login", 3, 5);
temp = getCookie("login");
div.textContent = msg + temp.toString();
} else if (loginattempts === "0" || loginattempts === 0) {
div.textContent = user + " has been locked out";
} else {
temp = getCookie("login") - 1 ;
div.textContent = msg + temp.toString();
}
debugger;
}
function getCookie(cname) {
var name = cname + "=";
var decodedCookie = decodeURIComponent(document.cookie);
var ca = decodedCookie.split(';');
for(var i = 0; i <ca.length; i++) {
var c = ca[i];
while (c.charAt(0) === ' ') {
c = c.substring(1);
}
if (c.indexOf(name) === 0) {
return c.substring(name.length, c.length);
}
}
return "";
}
function createCookie(cname, cvalue, exdays) {
var d = new Date();
d.setTime(d.getTime() + (exdays*24*60*60*1000));
var expires = "expires=" + d.toUTCString();
document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";
}
server.xml lockout: server.xml锁定:
<Realm className="org.apache.catalina.realm.LockOutRealm" failureCount="3" lockOutTime="900" cacheSize="1000" cacheRemovalWarningTime="3600">
1 个解决方案
解决方案1
0 2017-06-22 17:57:20
我自己解决了这个问题,我使用Cookie来存储信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.