A proper throttling mechanism is missing for consumer/producer logins. You could increase the authentication cache's security-invalidation-interval[1], or implement a custom security manager for comprehensive throttling[2].
[1] https://activemq.apache.org/components/artemis/documentation/latest/security.html#caching-security-operations [2] https://activemq.apache.org/components/artemis/documentation/latest/security.html#custom-security-manager Regards, Domenico On Tue, 2 Dec 2025 at 13:57, Alexander Milovidov <[email protected]> wrote: > Consumer/producer logins. > > > вт, 2 дек. 2025 г. в 11:43, Domenico Francesco Bruscino < > [email protected]>: > > > Are you referring to consumer/producer logins or web console logins? > > > > Regards, > > Domenico > > > > On Tue, 2 Dec 2025 at 08:24, Alexander Milovidov <[email protected]> > > wrote: > > > > > Hi All, > > > > > > We have a problem with some users who connect to Artemis with invalid > > login > > > or password too frequently and don't care about that because it happens > > in > > > one of their test environments. Even if the account is already locked > out > > > in the Active Directory, the application still retries to connect to > > > Artemis an infinite number of times. > > > Is there any way to limit the number of failed authentication attempts > > per > > > second, or perform a delay before each subsequent attempt? > > > We are using JAAS login.config with PropertiesLoginModule and > > > LDAPLoginModule. > > > > > > -- > > > Regards, > > > Alexander > > > > > >
