thanks, i was able to compile and install the plugin and it works great for our needs.
Daniel Beck <[email protected]> wrote: >Since Jenkins 1.548 there's a new extension point SecurityListener. It >can be implemented in a way that throws a SecurityException in >authenticated(UserDetails) when the same user who just >failedToAuthenticate(UserDetails) several times managed to log in >successfully. This prevents successful authentication even with correct >credentials. > >Here's some sample code for a plugin that does just that: >https://github.com/daniel-beck/jenkins-login-rate-limiter-plugin > >Configuration is via system properties (there's no config UI), but >otherwise, it works just fine. Note that I don't check IP or do >anything more sophisticating than counting the number of failed >attempts in the last few minutes for a given user name, so a malicious >user could prevent Jenkins use for all users with known user names by >just spamming wrong credentials to prevent them from logging in. > >On 30.01.2014, at 23:11, zee wfo <[email protected]> wrote: > >> I've found information on how to setup jenkins with ldaps. Is there a >way for jenkins to refuse login attempts from a user after multiple >failures? The goal is to discourage password guessing for accounts in >our ldap server who have access to the jenkins server. >> thanks. >> >> -- >> You received this message because you are subscribed to the Google >Groups "Jenkins Users" group. >> To unsubscribe from this group and stop receiving emails from it, >send an email to [email protected]. >> For more options, visit https://groups.google.com/groups/opt_out. -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
