Authentication Failure - Throttling - cas version 6.3.4
37 views
Skip to first unread message
Devi Arunkumar
Mar 21, 2022, 2:24:40 PM3/21/22
to CAS Community
Hi Team,
We have a requirement that we need to lock the account after 'n' unsuccessful attempts.
Say user should not be allowed to login for 10 minutes after 3('n') unsuccessful attempts. We have tried throttle mechanism which cas already supports but it is based on time and throttle rate. There is no option to lock the account for certain period of time.
cas.authn.throttle.failure.threshold=3
cas.authn.throttle.failure.code=AUTHENTICATION_FAILED
cas.authn.throttle.failure.rangeSeconds=60
cas.authn.throttle.failure.code=AUTHENTICATION_FAILED
cas.authn.throttle.failure.rangeSeconds=60
We need to lock after fixed number of unsuccessful attempts but not based on time..
Also we need to lock the user for certain period of time.
Please let u know how to handle this requirement using the cas properties.
-Thanks,
Devi.U
Reply all
Reply to author
Forward
0 new messages