On Jan 11, 2018, at 11:52 PM, Fabio Martelli <[email protected]<mailto:[email protected]>> wrote:
Il 11/01/2018 19:49, Ray Bon ha scritto: Fabio, The threshold throttle is a rate. In your example it works out to 1 failed attempt in 100 seconds. Any user will try a second time within that 100 seconds. Set the numbers to a reasonable user action time - how long does it take for a user to type and press enter, maybe 5 seconds. Set threshold at 1 and range at 5. Hi Ray, thanks a lot for your reply. Unfortunately this is not my requirements. I need to lock a user out after three consecutive failed login attempts. As far as you know, is there a way to implement this feature? Many LDAP and RDBMS implementations have a failed-authentication lockout feature, if you're using that as a credential store. Tom. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/D956F9AE-A98B-47CB-BD47-6E8253BE02CD%40ucdavis.edu.
