Class BruteForceConfig

java.lang.Object
com.oorian.security.BruteForceConfig

public class BruteForceConfig extends Object
Configuration for brute-force attack protection.

Defines thresholds and behavior for tracking failed authentication attempts and locking out users or IP addresses that exceed the configured limits.

Usage:


 setBruteForceProtection(BruteForceConfig.create()
     .maxAttempts(5)
     .lockoutDurationMillis(15 * 60 * 1000)  // 15 minutes
     .progressiveDelay(true));
 
Since:
2.1
Version:
1.0
Author:
Marvin P. Warble Jr.
Method Details

    • create

      public static BruteForceConfig create()
      Creates a new BruteForceConfig with default settings.

      Defaults: 5 max attempts, 15-minute lockout, progressive delay enabled, 1-second base delay.

      Returns:
      a new config instance
    • maxAttempts

      public BruteForceConfig maxAttempts(int max)
      Sets the maximum number of failed attempts before lockout.
      Parameters:
      max - the maximum attempts (default: 5)
      Returns:
      this config for chaining
    • lockoutDurationMillis

      public BruteForceConfig lockoutDurationMillis(long millis)
      Sets the lockout duration in milliseconds.

      After lockout, the user/IP must wait this long before retrying.

      Parameters:
      millis - the lockout duration (default: 900000 = 15 minutes)
      Returns:
      this config for chaining
    • progressiveDelay

      public BruteForceConfig progressiveDelay(boolean enabled)
      Enables or disables progressive delay (exponential backoff).

      When enabled, each failed attempt after the first incurs an increasing delay before the next attempt is allowed: base * 2^(attempts-1).

      Parameters:
      enabled - true to enable (default), false to disable
      Returns:
      this config for chaining
    • baseDelayMillis

      public BruteForceConfig baseDelayMillis(long millis)
      Sets the base delay in milliseconds for progressive delay.

      The actual delay for attempt N is: base * 2^(N-1).

      Parameters:
      millis - the base delay (default: 1000 = 1 second)
      Returns:
      this config for chaining
    • getMaxAttempts

      public int getMaxAttempts()
      Returns the maximum number of failed attempts before lockout.
      Returns:
      the max attempts
    • getLockoutDurationMillis

      public long getLockoutDurationMillis()
      Returns the lockout duration in milliseconds.
      Returns:
      the lockout duration
    • isProgressiveDelay

      public boolean isProgressiveDelay()
      Returns whether progressive delay is enabled.
      Returns:
      true if progressive delay is enabled
    • getBaseDelayMillis

      public long getBaseDelayMillis()
      Returns the base delay in milliseconds.
      Returns:
      the base delay
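
The progressiveDelay and baseDelayMillis formula worked through for the documented defaults, as an added example that is not Oorian code and does not call the library. It assumes failures 1 through maxAttempts-1 each impose base * 2^(N-1) and the final failure triggers the lockout; the class and method names (BackoffSchedule, delayMillis, cycleMillis, guessesPerDay) are hypothetical.

```java
/** Added illustration; does not use or reproduce com.oorian.security code. */
public class BackoffSchedule {

    /** Delay after the n-th consecutive failure: base * 2^(n-1), saturating instead of overflowing. */
    static long delayMillis(long baseMillis, int n) {
        if (baseMillis <= 0 || n < 1) return 0;
        int shift = n - 1;
        // Once shift reaches the number of leading zero bits, the product no longer fits in a long.
        if (shift >= Long.numberOfLeadingZeros(baseMillis)) return Long.MAX_VALUE;
        return baseMillis << shift;
    }

    /** Minimum wall-clock time for one full cycle: maxAttempts failures, then the lockout. */
    static long cycleMillis(int maxAttempts, long lockoutMillis, boolean progressive, long baseMillis) {
        long total = lockoutMillis;
        if (progressive) {
            // Assumption: failures 1..maxAttempts-1 are delayed; the last one triggers the lockout.
            for (int n = 1; n < maxAttempts; n++) {
                long d = delayMillis(baseMillis, n);
                total = (Long.MAX_VALUE - total < d) ? Long.MAX_VALUE : total + d;
            }
        }
        return total;
    }

    /** Upper bound on failed guesses per day against one tracked user/IP key. */
    static double guessesPerDay(int maxAttempts, long cycleMillis) {
        return maxAttempts * (86_400_000.0 / cycleMillis);
    }

    public static void main(String[] args) {
        // Documented defaults: 5 attempts, 15-minute lockout, progressive delay on, 1-second base.
        int max = 5;
        long lockout = 15 * 60 * 1000L;
        long base = 1000L;
        for (int n = 1; n < max; n++) {
            System.out.printf("after failure %d: wait %d ms%n", n, delayMillis(base, n));
        }
        long cycle = cycleMillis(max, lockout, true, base);
        System.out.printf("cycle %d ms, at most %.0f guesses/day per key%n",
                cycle, guessesPerDay(max, cycle));
        // With a very large threshold a naive shift overflows; the saturating form does not.
        System.out.println("n=64 saturates: " + (delayMillis(base, 64) == Long.MAX_VALUE));
    }
}
```

The per-key bound is what to compare against password-policy strength when tuning maxAttempts and lockoutDurationMillis; it says nothing about attempts spread across many users or source addresses.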