Hi,
I am trying to upgrade my CAS from v6.4.6.1 to 6.5.1. The configuration that
was OK with v6.4 doesn't work in 6.5.1...
I load these modules:
implementation "org.apereo.cas:cas-server-support-throttle-bucket4j:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-throttle:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-throttle-jdbc:${project.'cas.version'}"
I load and configure the audit log in JDBC too.
In my cas.properties my conf is:
cas.authn.throttle.jdbc.user=xxxxxxx
cas.authn.throttle.jdbc.password=xxxxxxxx
cas.authn.throttle.jdbc.driver-class=com.mysql.cj.jdbc.Driver
cas.authn.throttle.jdbc.url=xxxxxxxx
cas.authn.throttle.jdbc.dialect=org.hibernate.dialect.MySQL8Dialect
cas.authn.throttle.core.username-parameter=username
cas.authn.throttle.core.app-code=CAS
cas.authn.throttle.failure.threshold=1
cas.authn.throttle.failure.code=AUTHENTICATION_FAILED
cas.authn.throttle.failure.range-seconds=3
cas.authn.throttle.bucket4j.blocking=true
cas.authn.throttle.bucket4j.enabled=true
cas.authn.throttle.bucket4j.bandwidth[0].duration=PT60S
cas.authn.throttle.bucket4j.bandwidth[0].capacity=50
Authentication always fails with the message:
More than [0.3333333333333333] failed login attempts within [3] seconds.
Authentication attempt exceeds the failure threshold [1]
I tried different values for threshold and range-seconds but the issue
is the same...
In the database, for an authentication, I had only two rows:
MariaDB [DEVCAS]> select * from COM_AUDIT_TRAIL\G;
*************************** 1. row ***************************
id: 1
AUD_ACTION: AUTHENTICATION_EVENT_TRIGGERED
APPLIC_CD: CAS
AUD_CLIENT_IP: xxxxxxxxxxxx
AUD_DATE: 2022-03-24 16:03:34.000000
AUD_RESOURCE: {source=RankedMultifactorAuthenticationProviderWebflowEventResolver, event=success, timestamp=Thu Ma
AUD_SERVER_IP: xxxxxxxxxxxxxxxxxxx
AUD_USER: audit:unknown
AUD_USERAGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:98.0) Gecko/20100101 Firefox/98.0
*************************** 2. row ***************************
id: 2
AUD_ACTION: THROTTLED_LOGIN_ATTEMPT
APPLIC_CD: CAS
AUD_CLIENT_IP: xxxxxxxxxxx
AUD_DATE: 2022-03-24 16:03:44.000000
AUD_RESOURCE: N/A
AUD_SERVER_IP: xxxxxxxxxxxx
AUD_USER: xxxxxxx
AUD_USERAGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:98.0) Gecko/20100101 Firefox/98.0
2 rows in set (0.001 sec)
If I unload the modules
"org.apereo.cas:cas-server-support-throttle:${project.'cas.version'}"
and
"org.apereo.cas:cas-server-support-throttle-jdbc:${project.'cas.version'}"
the authentication works properly.
Is there a bug with throttling and v6.5.1? Or did I miss something?
Best regards.
Quentin.