Package org.owasp.esapi
Interface IntrusionDetector
-
- All Known Implementing Classes:
DefaultIntrusionDetector
public interface IntrusionDetector
The IntrusionDetector interface is intended to track security relevant events and identify attack behavior. The implementation can use as much state as necessary to detect attacks, but note that storing too much state will burden your system.The interface is currently designed to accept exceptions as well as custom events. Implementations can use this stream of information to detect both normal and abnormal behavior.
- Since:
- June 1, 2007
- Author:
- Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
addEvent(java.lang.String eventName, java.lang.String logMessage)
Adds the event to the IntrusionDetector.void
addException(java.lang.Exception exception)
Adds the exception to the IntrusionDetector.
-
-
-
Method Detail
-
addException
void addException(java.lang.Exception exception) throws IntrusionException
Adds the exception to the IntrusionDetector. This method should immediately log the exception so that developers throwing an IntrusionException do not have to remember to log every error. The implementation should store the exception somewhere for the current user in order to check if the User has reached the threshold for any Enterprise Security Exceptions. The User object is the recommended location for storing the current user's security exceptions. If the User has reached any security thresholds, the appropriate security action can be taken and logged.- Parameters:
exception
- the exception thrown- Throws:
IntrusionException
- the intrusion exception
-
addEvent
void addEvent(java.lang.String eventName, java.lang.String logMessage) throws IntrusionException
Adds the event to the IntrusionDetector. This method should immediately log the event. The implementation should store the event somewhere for the current user in order to check if the User has reached the threshold for any Enterprise Security Exceptions. The User object is the recommended location for storing the current user's security event. If the User has reached any security thresholds, the appropriate security action can be taken and logged.- Parameters:
eventName
- the event to addlogMessage
- the message to log with the event- Throws:
IntrusionException
- the intrusion exception
-
-