Hello all,

Using CAS 6.6.15 in a Docker setup with LDAP user repository.

CAS/SAML/OIDC authentication works with no problem. Throttling CAS auth requests also works without a problem. The relevant throttling configuration in cas.properties is as follows:

# Failure Throttling
cas.authn.throttle.failure.threshold=1
cas.authn.throttle.failure.code=AUTHENTICATION_FAILED
cas.authn.throttle.failure.range-seconds=30
cas.authn.throttle.core.username-parameter=username

We have enabled REST Authentication which works without a problem:

/# curl -sk https://sso-server:8443/cas/v1/users -d 'username=test&password=test'|jq .authentication.credentials
[
  {
    "@class": "org.apereo.cas.authentication.metadata.BasicCredentialMetaData",
    "id": "test",
    "credentialClass": "org.apereo.cas.authentication.credential.UsernamePasswordCredential"
  }
]

REST and throttling implementation in build.gradle:

implementation "org.apereo.cas:cas-server-support-throttle"
implementation "org.apereo.cas:cas-server-support-rest"

Yet no matter how we try, throttling REST auth requests does not work.

Looking at the relevant code <https://github.com/apereo/cas/blob/5e1035dde95094a951c9ea87993cdea29ab6c85c/support/cas-server-support-rest/src/main/java/org/apereo/cas/config/CasRestAutoConfiguration.java#L127>, I see that throttling is implemented. Nevertheless, the debug line <https://github.com/apereo/cas/blob/5e1035dde95094a951c9ea87993cdea29ab6c85c/support/cas-server-support-rest/src/main/java/org/apereo/cas/config/CasRestAutoConfiguration.java#L143> about "Activating authentication throttling for REST endpoints..." does not seem to be called.

My fear is of a race condition where REST is initialized before throttling and the check <https://github.com/apereo/cas/blob/5e1035dde95094a951c9ea87993cdea29ab6c85c/support/cas-server-support-rest/src/main/java/org/apereo/cas/config/CasRestAutoConfiguration.java#L129> for the relevant bean fails.

Any help would be appreciated.