[jboss-as7-dev] A simple timed cache?

Darran Lofthouse darran.lofthouse at jboss.com
Tue Sep 6 11:54:47 EDT 2011


On 09/06/2011 02:50 PM, Sanne Grinovero wrote:
>>>
>>> Depending on your needs it might not suite you: LIRS provides a
>>> bounded container, so it might drop some values even if the timeout
>>> was not reached.
>>
>> Thanks Sanne, that is probably not going to meet what I need - one thing I
>> am looking at is better tracking of failed authentication attempts so I
>> wouldn't want someone to be able to force an item out by causing additional
>> entries to be added.
>>
>
> I really don't know about your plans, but having a limit in the amount
> of entries the cache will be able to hold is generally a good idea.

Yes in that case I would probably look at an option to just stop 
accepting remote connection attempts if it appears the server is really 
under attack - I will start a separate discussion on how people believe 
that should behave.

> A malicious user could otherwise find a pattern to fill the memory of
> the AS by sending the appropriate (failing) authentication attempts,
> maybe from multiple users.
>
> Sanne


More information about the jboss-as7-dev mailing list