Bremersee Failed Access Counter

This project contains a small protection against brute-force-attacks.

A failed access counter stores failed access entries of a resource for a remote host, that wants to access the resource. The resource may be, for example, the login page. When the login has failed, this may be stored in the failed access counter. When the counter of the failed access entry has reached a threshold the login can be blocked for a while.

The failed access counter needs a DAO (interface FailedAccessDao) to persist the failed access entries. Currently there are four DAO implementations available:

  • FailedAccessInMemoryDao: Persists the entries in memory.
  • FailedAccessJpaDao: Persists the entries in a SQL database.
  • FailedAccessLdapDao: Persists the entries in a LDAP server.
  • FailedAccessMongoDao: Persists the entries in a MongoDB.