Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.owasp.esapi
Interface IntrusionDetector

All Known Implementing Classes:
DefaultIntrusionDetector
public interface IntrusionDetector

The IntrusionDetector interface is intended to track security relevant events and identify attack behavior. The implementation can use as much state as necessary to detect attacks, but note that storing too much state will burden your system.

The interface is currently designed to accept exceptions as well as custom events. Implementations can use this stream of information to detect both normal and abnormal behavior.

Since:
June 1, 2007
Author:
Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security

Method Summary
 void addEvent(java.lang.String eventName, java.lang.String logMessage)
          Adds the event to the IntrusionDetector.
 void addException(java.lang.Exception exception)
          Adds the exception to the IntrusionDetector.
 

Method Detail

addException

void addException(java.lang.Exception exception)
                  throws IntrusionException
Adds the exception to the IntrusionDetector. This method should immediately log the exception so that developers throwing an IntrusionException do not have to remember to log every error. The implementation should store the exception somewhere for the current user in order to check if the User has reached the threshold for any Enterprise Security Exceptions. The User object is the recommended location for storing the current user's security exceptions. If the User has reached any security thresholds, the appropriate security action can be taken and logged.

Parameters:
exception - the exception thrown
Throws:
IntrusionException - the intrusion exception

addEvent

void addEvent(java.lang.String eventName,
              java.lang.String logMessage)
              throws IntrusionException
Adds the event to the IntrusionDetector. This method should immediately log the event. The implementation should store the event somewhere for the current user in order to check if the User has reached the threshold for any Enterprise Security Exceptions. The User object is the recommended location for storing the current user's security event. If the User has reached any security thresholds, the appropriate security action can be taken and logged.

Parameters:
eventName - the event to add
logMessage - the message to log with the event
Throws:
IntrusionException - the intrusion exception
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2011 The Open Web Application Security Project (OWASP). All Rights Reserved.