Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Grails plugin enables blocking user account after few attampts with incorect credentials. Preventing brute-force attacks
Groovy
Branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
grails-app
src/groovy/com/grygoriy/bruteforcedefender
.classpath
.gitignore
.project
BruteforceDefenderGrailsPlugin.groovy
README.md
application.properties

README.md

Brute-force Defender Plugin Info

Description

Plugin adds functionality of blocking user account after a configured number of failed login, thus countering brute-force attacks. Plugin is working on top of configured Spring Security Core plugin with its UserDetails.

Installation

Dependencies

  • plugin depents on Spring Security Core plugin

From grails plugin reposity

  • follow instrations here grails.org/plugin/bruteforce-defender
  • add compile ":bruteforce-defender:1.0" to BuildConfig.groovy

Install from pre-compliled

Build from sources

  • clone repo git clone https://github.com/grygoriy/bruteforcedefender.git
  • build plugin grails package-plugin
  • you should see plugin zip file in plugin directory
  • use grails install-plugin <path to file>

Configuration

Add to your Config.groovy next lines

grails.plugins.springsecurity.useSecurityEventListener = true

bruteforcedefender {
    time = 5
    allowedNumberOfAttempts = 3
}

Logging

To enable logging, add next lines in your Config.groovy

log4j = {
    ....
    environments {
        development {
            debug 'grails.app.services.com.grygoriy.bruteforcedefender'
        }
    }
}

Demo application

Here is demo application that you can just run and look how it is working. https://github.com/grygoriy/s2-brutforce-example Thanks to @stokito

Grygoriy Mykhalyuno

www.grygoriy.com

email@grygoriy.com

Bitdeli Badge

Something went wrong with that request. Please try again.