Hi all,
I've set up my instance of CAS (3.5) using Inspektr to write audit
information to a MySQL database according to the documentation in the wiki:
https://wiki.jasig.org/display/CASUM/Auditing+and+Statistics+Via+Inspektr.
I've also done the configuration to throttle login attempts using Inspektr.
Throttling works, but not according to the parameters that I've specified.
Here's the configuration for my throttling interceptor:

    <bean id="inspektrThrottleInterceptor"
          class="org.jasig.cas.web.support.InspektrThrottledSubmissionByIpAddresssAndUsernameHandlerInterceptorAdapter"
          p:failureRangeInSeconds="60"
          p:failureThreshold="10">
        <constructor-arg index="0" ref="auditManager" />
        <constructor-arg index="1" ref="auditDataSource" />
    </bean>

As you can see from my configuration, I want to allow up to 10 failed login
attempts in one minute. I tried it out, but was blocked after only 3
attempts. A line prints out to my cas.log which says:

    [org.jasig.cas.web.support.InspektrThrottledSubmissionByIpAddresssAndUsernameHandlerInterceptorAdapter] - Throttling submission from xxx.xxx.x.xxx. More than 10 failed login attempts within 60 seconds.

Just to see what would happen, I tried setting failureThreshold to 1000.
Now I can try to brute force it manually as much as I want, but still won't
hit the threshold. This tells me that my failureThreshold is being used in
some way, although not as I expect it. I've no clue why it's throttling
after a different threshold than what I've specified. If anyone has any
clues as to why this might be happening, it would be greatly appreciated.
Thanks,
Evan Sheffield
iVantage Health Analytics