portals-jetspeed-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "D.S. Johnson" <dspec...@insightbb.com>
Subject Re: AW: Limited Login Attempts
Date Tue, 05 Aug 2003 13:35:14 GMT
Edmund.Mielach@swisscom.com wrote:

>Have a look at JetspeedSecurity.properties (Jetspeed 1.4b4).
>
>I think the following entries (located in the file JetspeedSecurity.properties) are exactly
what you are searching for ...
>
># 3 logon strikes per 300 seconds and your out
>services.JetspeedSecurity.logon.strike.count=3
>services.JetspeedSecurity.logon.strike.interval=300
># dont allow more than 10 over any time period
>services.JetspeedSecurity.logon.strike.max=10
>
>-----Urspr√ľngliche Nachricht-----
>Von: D.S. Johnson [mailto:dspectra@insightbb.com]
>Gesendet am: Dienstag, 5. August 2003 13:00
>An: Jetspeed Users List
>Betreff: Limited Login Attempts
>
>I was looking for a configuration setting for limiting user login 
>attempts. How hard would it be to add this feature.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
>
>
>  
>
I tried setting the following:

# Auto-Account-Disable Feature
services.JetspeedSecurity.logon.auto.disable=true

# 3 logon strikes per 300 seconds and your out
services.JetspeedSecurity.logon.strike.count=3
services.JetspeedSecurity.logon.strike.interval=300
# dont allow more than 10 over any time period
services.JetspeedSecurity.logon.strike.max=5

However it doesn't seem to work, I can still login after max number of 
attempts.



Mime
View raw message