Hi William Vincent

I'm trying to configure Throttling Authentication Attempts to ban after 5 failed login attempts, but it doesn't work for me.

cas.authn.throttle.core.username-parameter=username
cas.authn.throttle.failure.threshold=5
cas.authn.throttle.failure.range-seconds=50
cas.authn.throttle.schedule.enabled=true
cas.authn.throttle.schedule.start-delay=PT10S
cas.authn.throttle.schedule.repeat-interval=PT60S
cas.authn.throttle.failure.throttle-window-seconds=PT5M

But when I have two failed attempts, it's banned. I need 5 attempts.

On Thursday, April 6, 2023 at 11:59:11 UTC, William Vincent wrote:

> Hi
> It works, user can log in if using wrong password
> William
>
> On Wed, Apr 5, 2023 at 23:56, Ray Bon <[email protected]> wrote:
>
>> William,
>>
>> If the throttled user tries to log in after the page refresh, what
>> happens?
>>
>> Ray
>>
>> On Wed, 2023-04-05 at 07:14 -0700, William Vincent (Wix31) wrote:
>>
>> Hello
>> I have a problem with throttling.
>> When I do a lot of unsuccessful tries I get the message "Unauthorized
>> access You have entered the wrong password too many times in a row. You
>> have been rejected.".
>> But if I refresh the page, the form is displayed and in
>> "cas/actuator/throttles" the line with my IP disappears.
>> How do I make this persistent?
>> Maybe also would it be possible to send this IP to nftables?
>> Thanks in advance
>>
>> My configuration:
>> CAS 6.6.6
>>
>> build.gradle:
>> //authentication/Configuring-Authentication-Throttling = security DDOS
>> implementation "org.apereo.cas:cas-server-support-throttle-bucket4j:${project.'cas.version'}"
>> //authentication/Configuring-Authentication-Throttling = security Brute Force
>> implementation "org.apereo.cas:cas-server-support-throttle:${project.'cas.version'}"
>>
>> cas.properties:
>> # DDOS / brute-force security
>> cas.authn.throttle.failure.range-seconds=30
>> cas.authn.throttle.failure.threshold=12
>> cas.authn.throttle.core.username-parameter=username
>>
>> # Throttle DDOS
>> cas.authn.throttle.bucket4j.blocking=true
>> cas.authn.throttle.bucket4j.enabled=true
>> cas.authn.throttle.bucket4j.bandwidth[0].duration=PT60S
>> cas.authn.throttle.bucket4j.bandwidth[0].capacity=50
>
> --
> William VINCENT
> Systems and network administrator
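
Added example (not from the thread and not CAS source code): the CAS throttling documentation describes `threshold` and `range-seconds` as defining a failure rate in failures per second. Assuming the check compares the rate implied by two successive failures against `threshold / range-seconds`, this model replays constructed failure timestamps against the two settings quoted in the thread; the function names and timestamps are hypothetical.

```python
# Added example: models the assumed failure-rate comparison, not CAS source code.
from datetime import datetime, timedelta

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def threshold_rate(props):
    """Allowed failure rate in failures per second: threshold / range-seconds."""
    prefix = "cas.authn.throttle.failure."
    return int(props[prefix + "threshold"]) / int(props[prefix + "range-seconds"])

def first_throttled(failure_times, rate):
    """1-based index of the first failure whose rate, measured against the
    previous failure, exceeds the threshold rate (assumed comparison)."""
    for i in range(1, len(failure_times)):
        gap = (failure_times[i] - failure_times[i - 1]).total_seconds()
        if gap <= 0 or 1.0 / gap > rate:
            return i + 1
    return None

# Failure settings quoted in the thread.
REPLY_CONFIG = """
cas.authn.throttle.failure.threshold=5
cas.authn.throttle.failure.range-seconds=50
"""
ORIGINAL_CONFIG = """
cas.authn.throttle.failure.range-seconds=30
cas.authn.throttle.failure.threshold=12
"""

def failures_every(seconds, count):
    """Constructed sample data: `count` failed logins spaced `seconds` apart."""
    start = datetime(2023, 4, 6, 12, 0, 0)
    return [start + timedelta(seconds=seconds * n) for n in range(count)]

if __name__ == "__main__":
    for name, cfg in (("5 per 50 s", REPLY_CONFIG), ("12 per 30 s", ORIGINAL_CONFIG)):
        rate = threshold_rate(parse_properties(cfg))
        hit = first_throttled(failures_every(4, 6), rate)
        print(f"{name}: rate={rate}/s, min gap={1 / rate:.1f} s, first throttled={hit}")
```

Under this model, 5 failures per 50 seconds throttles any two failures less than 10 seconds apart, while 12 per 30 seconds tolerates one failure every 2.5 seconds.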
