throttling attempts in CAS by IP, what if a large number users behind a proxy?

29 views
Skip to first unread message

Yan Zhou

unread,
Nov 10, 2016, 1:19:48 PM11/10/16
to CAS Community
Hi,

CAS enables login throttling by IP, but, what if a relatively big number of users (in an organization) all sit behind one proxy?

Can I configure throttling like this:  no more than 5 login failures within 3 seconds, and decrement the count every second.

Thx!
Yan

<bean id="loginThrottle"
     class="org.jasig.cas.web.support.InMemoryThrottledSubmissionByIpAddressHandlerInterceptorAdapter"
     p:failureRangeInSeconds="3"
     p:failureThreshold="5" />
<bean id="loginThrottleJobDetail"
     class="org.springframework.scheduling.quartz.MethodInvokingJobDetailFactoryBean"
     p:targetObject-ref="loginThrottle"
     p:targetMethod="decrementCounts"/>
<!-- A scheduler that drives all configured triggers is provided by default in applicationContext.xml. -->
<bean id="loginThrottleTrigger"
     class="org.springframework.scheduling.quartz.SimpleTriggerFactoryBean"
     p:jobDetail-ref="loginThrottleJobDetail"
     p:startDelay="1000"
     p:repeatInterval="1000"/>  

Thx!
Yan
Reply all
Reply to author
Forward
0 new messages