How to track login failure attempts and update the failure counter in database

[sachin khanna]

Hi,

I have implemented CAS server and i am able to successfully authenticate user by jdbc authentication.

Now i want to track login failure attempts of user and locked out user's account after 3 failure attempts.

for that i would need to add counter and on specific count, i would need to update user's status in DB.

Please suggest the implementation or share code??

[Uxío]

I might be able to give some advice, only if by a somewhat big gotcha you are referring CAS 3.

If it is CAS 4 or 5, if it was me and I thought the docs were not enough about it, I would file an issue requesting the capability or, if ready, enhanced explain.

Could you just use throttling of failed log in attempts instead of everything else? Isn't it better for anyone? No angered users because of locked accounts, no further dev, no further doc. Trust what is already available OOTB. Tell your product owner to try to find a solution not involving custom sources nor GitHub issuing.

Sent from my iPhone

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/644ca915-8884-4eb2-a296-5e8d2e859c59%40apereo.org.

[sachin khanna]

Thanks for the wise suggestions.

I am using CAS 5.0.

As client is demanding for lockout functionality, we need to implement it.

Can you please suggest where can i file an issue to request the capability or if you have some ready made code available, please share.

Thanks.