massx1 opened a new pull request, #1420: URL: https://github.com/apache/syncope/pull/1420
Adds optional REST rate limiting for Syncope Core APIs. The feature allows administrators to configure request thresholds, time windows, lock periods, trusted proxies, and excluded client addresses (for example Console instances). When enabled, clients exceeding the configured threshold receive 429 Too Many Requests with a Retry-After header. The feature is disabled by default. Notes This is intended as a lightweight L7 mitigation for excessive request rates against CXF REST endpoints, complementing existing endpoint-specific throttling such as login and password reset protection. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
