Merge pull request #142 from Blazam-App/Beta-Dev

Detect multiple failed AD connection attempts and warn on login page

BLAZAM/BLAZAM.csproj

@@ -6,7 +6,7 @@
 		<ImplicitUsings>enable</ImplicitUsings>
 		<ServerGarbageCollection>false</ServerGarbageCollection>
 		<AssemblyVersion>0.8.4</AssemblyVersion>
-		<Version>2023.11.09.1641</Version>
+		<Version>2023.11.09.1711</Version>
 		<RootNamespace>BLAZAM</RootNamespace>
 		<GenerateDocumentationFile>False</GenerateDocumentationFile>
 

BLAZAMActiveDirectory/ActiveDirectoryContext.cs

@@ -37,6 +37,7 @@ public IApplicationUserState? CurrentUser
         private INotificationPublisher _notificationPublisher;
         public static ActiveDirectoryContext Instance;
 
+        public int FailedConnectionAttempts { get; set; } = 0;
 
         private AuthenticationTypes _authType;
 
@@ -357,7 +358,10 @@ public void Connect()
                                                     Message = "The configured BaseDN is not valid. Please correct your settings.",
                                                     Title = "Active Directory Error"
                                                 });
-                                                Status = DirectoryConnectionStatus.BadConfiguration; return;
+                                                Status = DirectoryConnectionStatus.BadConfiguration;
+                                                if (FailedConnectionAttempts < 10)
+                                                    FailedConnectionAttempts++; 
+                                                return;
                                             }
                                         }
                                         catch (Exception ex)
@@ -369,7 +373,10 @@ public void Connect()
                                                     Message = "The configured BaseDN is not valid. Please correct your settings.",
                                                     Title = "Active Directory Error"
                                                 });
-                                            Status = DirectoryConnectionStatus.BadConfiguration; return;
+                                            Status = DirectoryConnectionStatus.BadConfiguration;
+                                            if (FailedConnectionAttempts < 10)
+                                                FailedConnectionAttempts++; 
+                                            return;
 
                                         }
 
@@ -388,13 +395,16 @@ public void Connect()
                                                     DomainControllers.Add(dc);
 
                                                 }
+                                                FailedConnectionAttempts = 0;
                                             }
                                             else
                                             {
                                                 Loggers.ActiveDirectryLogger.Warning("Active Directory test failed");
 
                                                 Status = DirectoryConnectionStatus.BadConfiguration;
-
+                                                if (FailedConnectionAttempts < 10)
+                                                    FailedConnectionAttempts++;;
+                                                return;
                                             }
                                         }
                                         catch (Exception ex)
@@ -424,17 +434,26 @@ public void Connect()
                                         Loggers.ActiveDirectryLogger.Warning("Error connecting to Active Directory {@Error}", ex);
 
                                         Status = DirectoryConnectionStatus.BadConfiguration;
+                                        if (FailedConnectionAttempts < 10)
+                                            FailedConnectionAttempts++; ;
+                                        return;
                                     }
                                     catch (CryptographicException ex)
                                     {
                                         Loggers.ActiveDirectryLogger.Warning("Unable to decrypt Active Directory password {@Error}", ex);
                                         Status = DirectoryConnectionStatus.UnreachableConfiguration;
+                                        if (FailedConnectionAttempts < 10)
+                                            FailedConnectionAttempts++; ;
+                                        return;
 
                                     }
                                     catch (Exception ex)
                                     {
                                         Loggers.ActiveDirectryLogger.Error("Unexpected Error connecting to Active Directory {@Error}", ex);
                                         Status = DirectoryConnectionStatus.BadConfiguration;
+                                        if (FailedConnectionAttempts < 10)
+                                            FailedConnectionAttempts++; ;
+                                        return;
 
                                     }
                                 }
@@ -443,21 +462,28 @@ public void Connect()
                                     Loggers.ActiveDirectryLogger.Warning("Active Directory port is not open");
 
                                     Status = DirectoryConnectionStatus.ServerDown;
+                                    if (FailedConnectionAttempts < 10)
+                                        FailedConnectionAttempts++; ;
+                                    return;
                                 }
                             }
                         }
                     }
                 }
                 Status = DirectoryConnectionStatus.Unconfigured;
-
+                if (FailedConnectionAttempts < 10)
+                    FailedConnectionAttempts++; ;
+                return;
 
             }
             catch (Exception ex)
             {
                 Loggers.ActiveDirectryLogger.Warning("Unexpected Error connecting to Active Directory {@Error}", ex);
 
                 Status = DirectoryConnectionStatus.ServerDown;
-
+                if (FailedConnectionAttempts < 10)
+                    FailedConnectionAttempts++; ;
+                return;
             }
         }
 

BLAZAMActiveDirectory/Interfaces/IActiveDirectory.cs

@@ -27,6 +27,12 @@ public interface IActiveDirectoryContext
         /// </summary>
         DirectoryConnectionStatus Status { get; }
 
+        /// <summary>
+        /// How many time the connection has failed.
+        /// Max value should not exceed 10
+        /// </summary>
+        int FailedConnectionAttempts { get; set; }
+
         /// <summary>
         /// The application scoped directory entry root
         /// </summary>

BLAZAMGui/Layouts/LoginLayout.razor

@@ -28,8 +28,15 @@
                     </MudCard>
                     @if (monitor.DirectoryConnected == ServiceConnectionState.Connecting)
                     {
-                        <MudProgressLinear Color="Color.Warning" Indeterminate=true />
-                        <MudAlert Style="left:25px;right:25px;" Class="absolute  mud-alert-filled-warning">Directory is connecting... Local admin login only...</MudAlert>
+
+                            <MudProgressLinear Color="Color.Warning" Indeterminate=true />
+                            <MudAlert Style="left:25px;right:25px;" Class="absolute  mud-alert-filled-warning">Directory is connecting... Local admin login only...</MudAlert>
+
+
+                    }
+                    @if (monitor.DirectoryConnected == ServiceConnectionState.Down){
+                        @* <MudProgressLinear Color="Color.Error" Indeterminate=true /> *@
+                        <MudAlert Style="left:25px;right:25px;" Class="absolute  mud-alert-filled-error">Unable to connect to directory after @directory.FailedConnectionAttempts attempts ... Local admin login only...</MudAlert>
 
                     }