Disable account

[Lars Feistner]

Dear community,

is there a possibility to deactivate an account after n login attempts either directly via a setting or via a post processing of the login process or a notification or event?

Best regards,
Lars

[Ray Bon]

Lars,

See https://apereo.github.io/cas/6.4.x/authentication/Configuring-Authentication-Throttling.html

Ray

On Tue, 2022-03-01 at 14:48 +0100, Lars Feistner wrote:

Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.

-- 

Ray Bon

Programmer Analyst

Development Services, University Systems

2507218831 | CLE 019 | rb...@uvic.ca

I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose historical relationships with the land continue to this day.

[Rod]

Great question! 

I'm interested in this too.

For our small one server environment we were thinking we could use Fail2Ban to monitor the catalina.out log for failed logins.

We would have to write a multi line regex to get the client ip and the line that has the failure string. 

Then Fail2Ban would firewall them out for X amount of time over so many failed attempts.

Just my two cents.

Rod

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1dc136db-2133-3be6-91ad-fdbe76cc0d92%40cares.institute.