Security CarV1.0.1 (June 30 2020) |
 |
|
1.0.2 First version |
Theses users are block after x invalid tentatives to connect
| User name | Last access | Nb tentatives | Operation | ||
|---|---|---|---|---|---|
| {{userinfo.username}} | {{userinfo.lastaccessdate}} | {{userinfo.nbtentative}} |
|
| Date | Number of tentative | User attacked | Finally correct | Client Address | Client Host |
|---|---|---|---|---|---|
| {{theftlog.lastTentativeTime | date:'MM/dd/yyyy HH:mm:ss'}} | {{theftlog.nbTentatives}} | {{theftlog.userName}} | {{theftlog.isFinalyCorrect}} | {{theftlog.remoteAddr}} | {{theftlog.remoteHost}} |
Search users and information on users
Filter on user :
from
number of lines
| User name | First name | Last name | Last connection | Nb tentatives | Status | |||
|---|---|---|---|---|---|---|---|---|
| {{userinfo.username}} | {{userinfo.firstname}} | {{userinfo.lastname}} | {{userinfo.lastconnection}} | {{userinfo.nbtentatives}} |
|
| Slot | Number of hit | Average time | Pic Tomcat thread | Top 10 | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| {{slotactivity.slottime | date:'MM/dd/yyyy HH:mm:ss'}} | {{slotactivity.nbhits}} | {{slotactivity.averagetime}} ms | {{slotactivity.picthreadtomcat}} |
|
Fix parameters
| Password Expire : | |
| Password has to be change every : | days |
| Number of tentative before block: | |
Install the SecurityCar Filter
This component is mandatory to register every attack, and register who logs the portal.
Note: in a cluster, this procedure has to be done on each node on the Cluster.2. Copy the SecurityCar-
This library is available under the additionallib directory, in the ZIP file.
Copy it under the web application library:/webapps/bonita/WEB-INF/lib
/webapps/bonita/WEB-INF/web.xml, add these three components. Add it after an existing Filter in the XML.
Note: in a cluster, this procedure has to be done on each node on the Cluster.
1. Stop the Bonita Server
stop-bonita.[sh|.bat]
2. Copy the SecurityCar--Filter.jar
This library is available under the additionallib directory, in the ZIP file.Copy it under the web application library:
3. Reference the filter
Modify the
<!-- SecurityCar Filter -->
<filter>
<filter-name>SecurityCarFilter</filter-name>
<filter-class>org.bonitasoft.securitycar.server.SecurityCarFilter</filter-class>
</filter>
<!-- SecurityCar mapping -->
<filter-mapping>
<filter-name>SecurityCarFilter</filter-name>
<url-pattern>/portal/*</url-pattern>
<url-pattern>/bonita/*</url-pattern>
</filter-mapping>
<!-- SecurityCar Listener -->
<listener>
<listener-class>org.bonitasoft.securitycar.server.SecurityCarListenerSession</listener-class>
</listener>
<filter>
<filter-name>SecurityCarFilter</filter-name>
<filter-class>org.bonitasoft.securitycar.server.SecurityCarFilter</filter-class>
</filter>
<!-- SecurityCar mapping -->
<filter-mapping>
<filter-name>SecurityCarFilter</filter-name>
<url-pattern>/portal/*</url-pattern>
<url-pattern>/bonita/*</url-pattern>
</filter-mapping>
<!-- SecurityCar Listener -->
<listener>
<listener-class>org.bonitasoft.securitycar.server.SecurityCarListenerSession</listener-class>
</listener>
4. Restart the server
start-bonita.[sh|.bat]
Install the Valve
The valve register all URL arriving on the server, one line per request. Attention, the file may become huge !
Note: in a cluster, this procedure has to be done on each node on the Cluster./conf/server.xml, add this part under <Host appBase="webapps"... XML node
/workspace/server_configuration/tomcat_conf/server.xml
Note: in a cluster, this procedure has to be done on each node on the Cluster.
1. Stop the Bonita Server
stop-bonita.[sh|.bat]
2. Reference the Valve
Modify the
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" pattern="%D;%U;%h;%s;%b;%t;"%r"" prefix="access_log" suffix=".csv"/>
Note: for the Tomcat behind the studio, the original source in under 3. Restart the Bonita server
start-bonita.[sh|.bat]