I don't think you have. You are probably experiencing this issue:

https://github.com/Jasig/cas/pull/455 

 

Are you able to try 4.1-SNAPSHOT? This should not happen anymore.

 

From: Jason [mailto:jasoncha...@gmail.com] 
Sent: Thursday, April 23, 2015 7:49 AM
To: cas-user@lists.jasig.org
Subject: [cas-user] login throttling using DB in CAS 4.0.0

 

I added the following in deployerConfigContext.xml,

    <bean id="loginThrottle"
          class="org.jasig.cas.web.support.InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter"
          c:auditTrailManager-ref="auditTrailManager"
          c:dataSource-ref="dataSource"
          p:failureRangeInSeconds="60"
          p:failureThreshold="3" />

    <bean id="dataSource"
          class="org.apache.commons.dbcp.BasicDataSource"
          destroy-method="close"
          lazy-init="true"
          p:poolPreparedStatements="true"
          p:url="jdbc:h2:tcp://localhost/~/test"
          p:username="sa"
          p:password=""
          p:driverClassName="org.h2.Driver"
          p:validationQuery="SELECT 1" />

    <bean id="auditTrailManager"
          class="com.github.inspektr.audit.support.JdbcAuditTrailManager"
          c:transactionTemplate-ref="inspektrTransactionTemplate"
          p:dataSource-ref="dataSource" />

    <bean id="inspektrTransactionManager"
          class="org.springframework.jdbc.datasource.DataSourceTransactionManager"
          p:dataSource-ref="dataSource" />

    <bean id="inspektrTransactionTemplate"
          class="org.springframework.transaction.support.TransactionTemplate"
          p:transactionManager-ref="inspektrTransactionManager"
          p:isolationLevelName="ISOLATION_READ_COMMITTED"
          p:propagationBehaviorName="PROPAGATION_REQUIRED" />

and revised the cas-servlet.xml to,

    <bean id="loginFlowHandlerMapping"
          class="org.springframework.webflow.mvc.servlet.FlowHandlerMapping"
          p:flowRegistry-ref="loginFlowRegistry" p:order="2">
        <property name="interceptors">
            <array value-type="org.springframework.web.servlet.HandlerInterceptor">
                <ref bean="localeChangeInterceptor" />
                <ref bean="loginThrottle" />
            </array>
        </property>
    </bean>

 

After that, I made a few failed logins, and found that the database is
storing the following entries,

| AUD_USER | AUD_CLIENT_IP | AUD_SERVER_IP | AUD_RESOURCE | AUD_ACTION | APPLIC_CD | AUD_DATE |
|---|---|---|---|---|---|---|
| audit:unknown | 127.0.0.1 | 127.0.0.1 | supplied credentials: [userid+password] | AUTHENTICATION_FAILED | CAS | 2015-04-23 10:27:23.505 |
| audit:unknown | 127.0.0.1 | 127.0.0.1 | 1 errors, 0 successes | TICKET_GRANTING_TICKET_NOT_CREATED | CAS | 2015-04-23 10:27:23.505 |

 

while the throttling query in the
InspektrThrottledSubmissionByIpAddressAndUsernameHandlerInterceptorAdapter.exceedsThreshold()
method is passing username "[username: userid]", which doesn't match the
username stored in the database, so it's not able to throttle the login.

 

I would like to know if there is anything I might have missed in the
configuration. Thanks.

 
-- 
You are currently subscribed to cas-user@lists.jasig.org
<mailto:cas-user@lists.jasig.org>  as: mmoay...@unicon.net
<mailto:mmoay...@unicon.net> 
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
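
A self-contained reproduction of the mismatch described in the question, added here as an illustration and not CAS or Inspektr code. The table name COM_AUDIT_TRAIL, the simplified count-based lookup and all helper names are assumptions; the rows are constructed to match the audit entries quoted above.

```python
import sqlite3
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S.%f"
NOW = datetime(2015, 4, 23, 10, 27, 30)   # constructed "current time"

def stamp(t):
    return t.strftime(FMT)[:-3]            # millisecond precision, as in the post

def open_audit_db():
    """In-memory stand-in for the audit table (table name is an assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE COM_AUDIT_TRAIL (AUD_USER, AUD_CLIENT_IP, AUD_SERVER_IP,"
               " AUD_RESOURCE, AUD_ACTION, APPLIC_CD, AUD_DATE)")
    return db

def record_failure(db, aud_user, when, ip="127.0.0.1"):
    """Constructed row shaped like the AUTHENTICATION_FAILED entry in the post."""
    db.execute("INSERT INTO COM_AUDIT_TRAIL VALUES (?,?,?,?,?,?,?)",
               (aud_user, ip, ip, "supplied credentials: [userid+password]",
                "AUTHENTICATION_FAILED", "CAS", stamp(when)))

def recent_failures(db, ip, user, range_seconds=60, now=NOW):
    """Assumed throttle lookup: failures for this IP and user inside the window."""
    cutoff = stamp(now - timedelta(seconds=range_seconds))
    return db.execute(
        "SELECT COUNT(*) FROM COM_AUDIT_TRAIL WHERE AUD_CLIENT_IP = ? AND AUD_USER = ?"
        " AND AUD_ACTION = 'AUTHENTICATION_FAILED' AND APPLIC_CD = 'CAS'"
        " AND AUD_DATE >= ?", (ip, user, cutoff)).fetchone()[0]

def is_throttled(db, ip, user, threshold=3):
    # Simplified decision (assumption): throttle once the count reaches the threshold.
    return recent_failures(db, ip, user) >= threshold

def unattributed_failures(db):
    """Diagnostic: failed logins audited without a real principal."""
    return db.execute("SELECT COUNT(*) FROM COM_AUDIT_TRAIL WHERE AUD_USER ="
                      " 'audit:unknown' AND AUD_ACTION = 'AUTHENTICATION_FAILED'"
                      ).fetchone()[0]

def simulate(stored_as, queried_as, attempts=5):
    """Record `attempts` failures under one key, then throttle-check with another."""
    db = open_audit_db()
    for i in range(attempts):
        record_failure(db, stored_as, NOW - timedelta(seconds=5 * (i + 1)))
    return is_throttled(db, "127.0.0.1", queried_as), unattributed_failures(db)

if __name__ == "__main__":
    print(simulate("audit:unknown", "[username: userid]"))       # mismatch from the post
    print(simulate("[username: userid]", "[username: userid]"))  # keys agree
```

A non-zero count from the diagnostic query against the real audit table is a quick sign that failed logins are being recorded under a key the throttle never looks up.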
