[rules-users] Design question for user login monitoring
Earnie Dyke
earniedyke at yahoo.com
Thu Jun 10 11:14:27 EDT 2010
Greetings all,
I have web app that I want to add user login monitoring to. The intent would
be to identify hack attempts such as:
1. same user attempting login with invalid password over period of time
2. multiple failed login attempts with user id that varies only slightly
3. logins by the same user from multiple computers (license sharing)
I believe I can do this with Fusion based rules but I have some design
issues that I cannot resolve:
1. Since the login data is not tied to a specific user, I would like to have
a singleton that collects the data and reasons over it. Should I use an
MBean for this?
2. Because I have a singleton who to I get results for a specific users
login attempt (I need to kick the user out)?
Any other suggestions would be welcome.
Thanks!
Earnie!
--
View this message in context: http://drools-java-rules-engine.46999.n3.nabble.com/Design-question-for-user-login-monitoring-tp885841p885841.html
Sent from the Drools - User mailing list archive at Nabble.com.
More information about the rules-users
mailing list