[cas-user] Authentication Throttling - second attempt always triggers 'access denied'

Hi folks - trying again here... There seems to be the 'right kind' of settings needed to get authentication throttling to work. I have currently defined it as 3 failures within 15 seconds. cas.authn.throttle.usernameParameter= cas.authn.throttle.schedule.startDelay=1

Re: [cas-user] Authentication Throttling - second attempt always triggers 'access denied'

Justin, Those throttle settings get reduced to a common denominator. When you set 3 failures within 15 seconds, it is converted to 1 in 5 seconds. So your second attempt in 6 seconds may be a rounding error (i.e., CAS recorded it as 5 seconds (you could check the logs)) or it is 2 failures

[cas-user] CAS 5.1.5 SAML Service Access Strategy

Hi all, I've got a SAML service that has login requirements that must be performed on the CAS/IdP side. Basically, I want a list of users (matched by uid) to be allowed access to this specific service. I read the docs at

Re: [cas-user] ldap preAuthenticate and postAuthenticate

Hello Fazla, No. I am still having issues. I am able to create my own database Authenticator and it works fine. But still having issue with customizing ldap. I posted latest issues under

Re: [cas-user] ldap preAuthenticate and postAuthenticate

Hi Satnam, Did you find any guide for that? we are plaining to do something similar. -Fazla On Fri, Jan 19, 2018 at 2:11 AM, satnam wrote: > Hello, > > CAS 5.2.x > > we want to overwrite ldap preAuthenticate and postAuthenticate functions. > In prior version

Re: [cas-user] ldap preAuthenticate and postAuthenticate

I used following 3 links as guide to edit db auth, but ldap still work in progress https://apereo.github.io/cas/5.2.x/installation/Configuration-Management-Extensions.html https://apereo.github.io/2017/02/21/cas-autocfg-strategy/ https://apereo.github.io/2016/10/07/webflow-extcfg/ On

[cas-user] Re: pac4j Google2Client auth delegation: How to unauthorize a profile?

Hi Martin, Thanks for your response. Sadly, I think that the result of implementing a custom Authentication Handler would be the same that I have now, a redirection to CAS error page since with my current implementation I'm throwing a FailedLoginException that it is exactly the same that

[cas-user] CAS 5.2.1 login-webflow and exceptionHandlers

Hi again... Debugging the default CAS login flow when an AuthenticationHandler throws an Exception (i.e. UnauthorizedSsoServiceException) I see that the PolicyBasedAuthenticationManager handles that exception adding it to the failures list and finally throws an AuthenticationException. It