Hi,
I am trying to upgrade my CAS from v6.4.6.1 to 6.5.1. The configuration that
was OK with v6.4 doesn't work in 6.5.1...
I load these modules:
implementation "org.apereo.cas:cas-server-support-throttle-bucket4j:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-throttle:${project.'cas.version'}"
implementation "org.apereo.cas:cas-server-support-throttle-jdbc:${project.'cas.version'}"
I load and configure the audit log in JDBC too.
In my cas.properties my conf is:
cas.authn.throttle.jdbc.user=xxxxxxx
cas.authn.throttle.jdbc.password=xxxxxxxx
cas.authn.throttle.jdbc.driver-class=com.mysql.cj.jdbc.Driver
cas.authn.throttle.jdbc.url=xxxxxxxx
cas.authn.throttle.jdbc.dialect=org.hibernate.dialect.MySQL8Dialect
cas.authn.throttle.core.username-parameter=username
cas.authn.throttle.core.app-code=CAS
cas.authn.throttle.failure.threshold=1
cas.authn.throttle.failure.code=AUTHENTICATION_FAILED
cas.authn.throttle.failure.range-seconds=3
cas.authn.throttle.bucket4j.blocking=true
cas.authn.throttle.bucket4j.enabled=true
cas.authn.throttle.bucket4j.bandwidth[0].duration=PT60S
cas.authn.throttle.bucket4j.bandwidth[0].capacity=50
Authentication always fails with the message:
More than [0.3333333333333333] failed login attempts within [3] seconds.
Authentication attempt exceeds the failure threshold [1]
I tried different values for threshold and range-seconds, but the issue
is the same...
In the database, for an authentication, I had only two rows:
MariaDB [DEVCAS]> select * from COM_AUDIT_TRAIL\G;
*************************** 1. row ***************************
id: 1
AUD_ACTION: AUTHENTICATION_EVENT_TRIGGERED
APPLIC_CD: CAS
AUD_CLIENT_IP: xxxxxxxxxxxx
AUD_DATE: 2022-03-24 16:03:34.000000
AUD_RESOURCE: {source=RankedMultifactorAuthenticationProviderWebflowEventResolver, event=success, timestamp=Thu Ma
AUD_SERVER_IP: xxxxxxxxxxxxxxxxxxx
AUD_USER: audit:unknown
AUD_USERAGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:98.0) Gecko/20100101 Firefox/98.0
*************************** 2. row ***************************
id: 2
AUD_ACTION: THROTTLED_LOGIN_ATTEMPT
APPLIC_CD: CAS
AUD_CLIENT_IP: xxxxxxxxxxx
AUD_DATE: 2022-03-24 16:03:44.000000
AUD_RESOURCE: N/A
AUD_SERVER_IP: xxxxxxxxxxxx
AUD_USER: xxxxxxx
AUD_USERAGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:98.0) Gecko/20100101 Firefox/98.0
2 rows in set (0.001 sec)
If I unload the modules
"org.apereo.cas:cas-server-support-throttle:${project.'cas.version'}"
and
"org.apereo.cas:cas-server-support-throttle-jdbc:${project.'cas.version'}"
authentication works properly.
Is there a bug with throttling and v6.5.1? Or am I missing something?
Best regards.
Quentin.