Hey, Marvin, Thank you for your quick response. It's a pity it impossible, because this is how many people would expect it to work. And thus, we have angry clients and well, you know. :)
Could you give me an advise of where to make a feature request? I'm a bit lost in the variety of options here ( https://issues.jasig.org/secure/BrowseProjects.jspa#10001) Best regards, Artur On 4 December 2013 18:18, Marvin Addison <[email protected]> wrote: > > What I actually want, is to allow 3 login attempts per interval of 30 > > minutes. > > That's a rate of 3/1800 logins/sec, which is what you have configured > below. If you want a lockout to last 30 minutes after 3 failed > attempts, it's not possible. The throttles enforce an instantaneous > failure rate in seconds, so if the user lingers for a period of time > whereby the next authentication causes the rate to be above the > throttle threshold, authentication will succeed. You will have to > study the test cases in the source for further information, but I can > assure you that given the model above they work as expected. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
