Le 21/02/2013 11:48, Sylvain DEROSIAUX a écrit :
Le 19/02/2013 16:39, Marvin Addison a écrit :
File : cas-server-webapp/src/main/webapp/WEB-INF/cas-servlet.xml
+<bean id="handlerMappingB"
class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
+ <property name="mappings">
+ <props>
+ <prop key="/login">loginController</prop>
+ </props>
+ </property>
+ <property name="interceptors">
+ <list>
+ <bean
class="org.jasig.cas.web.support.InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter"
+ p:failureRangeInSeconds="120"
+ p:failureThreshold="100">
+ <constructor-arg index="0" ref="auditTrailManager" />
+ <constructor-arg index="1" ref="dataSource" />
+ </bean>
+ <ref bean="localeChangeInterceptor" />
+ </list>
+ </property>
+</bean>
You need to read between the lines a bit for this. Simply add the
InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter
interceptor to the list of interceptors as in the examples for
in-memory interceptors for 3.5.x. There's no loginController bean
anymore in 3.5.x.
M
Thanks for the reply. :)
I have try to read between the lines, there are no errors but
bruteforce is always allowed (threshold is defined at 2 attempts for
120s).
Logs didn't show anything about that.
Here the full modifications I have made :
File : cas-server-webapp/src/main/webapp/WEB-INF/cas-servlet.xml
<bean
class="org.springframework.webflow.mvc.servlet.FlowHandlerMapping"
p:flowRegistry-ref="flowRegistry"p:order="2">
<property name="interceptors">
+ <list>
<ref local="localeChangeInterceptor"/>
+ <ref bean="throttleInterceptor"/>
+ </list>
</property>
</bean>
File :
cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/auditTrailContext.xml
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:aop="http://www.springframework.org/schema/aop";
+ xmlns:p="http://www.springframework.org/schema/p";
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-3.1.xsd";>
+<bean id="inspektrTransactionManager"
+
class="org.springframework.jdbc.datasource.DataSourceTransactionManager"
+ p:dataSource-ref="dataSource"
+ />
+
+ <bean id="inspektrTransactionTemplate"
+ class="org.springframework.transaction.support.TransactionTemplate"
+ p:transactionManager-ref="inspektrTransactionManager"
+ p:isolationLevelName="ISOLATION_READ_COMMITTED"
+ p:propagationBehaviorName="PROPAGATION_REQUIRED"
+ />
+
+ <bean id="auditManager"
class="com.github.inspektr.audit.support.JdbcAuditTrailManager">
+ <constructor-arg index="0" ref="inspektrTransactionTemplate" />
+ <property name="dataSource" ref="dataSource" />
+ </bean>
File :
cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/throttleInterceptorTrigger.xml
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xmlns:p="http://www.springframework.org/schema/p";
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd";>
+
+<bean id="throttleInterceptor"
class="org.jasig.cas.web.support.InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter"
+ p:failureRangeInSeconds="120"
+ p:failureThreshold="2">
+ <constructor-arg index="0" ref="auditTrailManager" />
+ <constructor-arg index="1" ref="dataSource" />
+</bean>
+
+</beans>
Have an idea ?
Thanks,
Sylvain
Here the log for info : http://pastebin.com/Fm6b6FzW
Sylvain
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
