Docs: "Please note that the bucket allocation strategy is specific to the client IP address."
On Tuesday, August 19, 2025 at 7:32:14 AM UTC-7 [email protected] wrote: > Hi, > > I have been trying to implement the rate limiting feature of Simple MFA. > (with version 7.2.x) > I set the blocking to true: > cas.authn.mfa.simple.bucket4j.blocking=true > > Tested with 1 client, it behaves as expected, it is blocked until token is > available. > The outcome of testing with 2 clients is interesting. I used different > browser with different principals. When it is blocking for one user, > surprisingly it is also blocking the other user. > > I am not sure if this is the expected behavior or is there something else > I missed in the config. > > Thanks > -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/49c1c972-67de-4897-9154-84fd5a4a27ecn%40apereo.org.
