Rename BruteForceProtection plugin (#1506)
This commit is contained in:
parent
f4b17c7c8a
commit
31a689340d
|
@ -19,7 +19,7 @@ sub defaultValues {
|
||||||
'authentication' => 'Demo',
|
'authentication' => 'Demo',
|
||||||
'available2F' => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey',
|
'available2F' => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey',
|
||||||
'available2FSelfRegistration' => 'TOTP,U2F,Yubikey',
|
'available2FSelfRegistration' => 'TOTP,U2F,Yubikey',
|
||||||
'brutForceProtection' => 1,
|
'bruteForceProtection' => 1,
|
||||||
'captcha_mail_enabled' => 1,
|
'captcha_mail_enabled' => 1,
|
||||||
'captcha_register_enabled' => 1,
|
'captcha_register_enabled' => 1,
|
||||||
'captcha_size' => 6,
|
'captcha_size' => 6,
|
||||||
|
|
|
@ -607,7 +607,7 @@ sub attributes {
|
||||||
'default' => 'TOTP,U2F,Yubikey',
|
'default' => 'TOTP,U2F,Yubikey',
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
'brutForceProtection' => {
|
'bruteForceProtection' => {
|
||||||
'default' => 1,
|
'default' => 1,
|
||||||
'type' => 'bool'
|
'type' => 'bool'
|
||||||
},
|
},
|
||||||
|
|
|
@ -609,10 +609,10 @@ sub attributes {
|
||||||
type => 'bool',
|
type => 'bool',
|
||||||
documentation => 'Display login history checkbox in portal',
|
documentation => 'Display login history checkbox in portal',
|
||||||
},
|
},
|
||||||
brutForceProtection => {
|
bruteForceProtection => {
|
||||||
default => 1,
|
default => 1,
|
||||||
type => 'bool',
|
type => 'bool',
|
||||||
documentation => 'Prevent brut force attack after two failed logins',
|
documentation => 'Prevent brute-force attack',
|
||||||
},
|
},
|
||||||
portalForceAuthnInterval => {
|
portalForceAuthnInterval => {
|
||||||
type => 'int',
|
type => 'int',
|
||||||
|
|
|
@ -727,7 +727,7 @@ sub tree {
|
||||||
'trustedDomains',
|
'trustedDomains',
|
||||||
'useSafeJail',
|
'useSafeJail',
|
||||||
'checkXSS',
|
'checkXSS',
|
||||||
'brutForceProtection',
|
'bruteForceProtection',
|
||||||
'lwpOpts',
|
'lwpOpts',
|
||||||
'lwpSslOpts',
|
'lwpSslOpts',
|
||||||
{
|
{
|
||||||
|
|
|
@ -102,7 +102,7 @@
|
||||||
"browserIdSiteName":"Site name",
|
"browserIdSiteName":"Site name",
|
||||||
"browserIdVerificationURL":"Verification URL",
|
"browserIdVerificationURL":"Verification URL",
|
||||||
"browseTree":"Browse tree",
|
"browseTree":"Browse tree",
|
||||||
"brutForceProtection":"Brut force attack protection",
|
"bruteForceProtection":"Brute-force attack protection",
|
||||||
"cancel":"Cancel",
|
"cancel":"Cancel",
|
||||||
"captcha_login_enabled":"Activation in login form",
|
"captcha_login_enabled":"Activation in login form",
|
||||||
"captcha_mail_enabled":"Activation in password reset by mail form",
|
"captcha_mail_enabled":"Activation in password reset by mail form",
|
||||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -474,7 +474,7 @@ t/43-MailReset-with-token.t
|
||||||
t/43-MailReset.t
|
t/43-MailReset.t
|
||||||
t/50-IssuerGet.t
|
t/50-IssuerGet.t
|
||||||
t/60-Status.t
|
t/60-Status.t
|
||||||
t/61-BrutForceProtection.t
|
t/61-BruteForceAttackProtection.t
|
||||||
t/61-GrantSession.t
|
t/61-GrantSession.t
|
||||||
t/62-SingleSession.t
|
t/62-SingleSession.t
|
||||||
t/63-History.t
|
t/63-History.t
|
||||||
|
|
|
@ -19,7 +19,7 @@ our @pList = (
|
||||||
notification => '::Plugins::Notifications',
|
notification => '::Plugins::Notifications',
|
||||||
portalCheckLogins => '::Plugins::History',
|
portalCheckLogins => '::Plugins::History',
|
||||||
stayConnected => '::Plugins::StayConnected',
|
stayConnected => '::Plugins::StayConnected',
|
||||||
brutForceProtection => '::Plugins::BrutForceProtection',
|
bruteForceProtection => '::Plugins::BruteForceProtection',
|
||||||
grantSessionRule => '::Plugins::GrantSession',
|
grantSessionRule => '::Plugins::GrantSession',
|
||||||
upgradeSession => '::Plugins::Upgrade',
|
upgradeSession => '::Plugins::Upgrade',
|
||||||
autoSigninRules => '::Plugins::AutoSignin',
|
autoSigninRules => '::Plugins::AutoSignin',
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package Lemonldap::NG::Portal::Plugins::BrutForceProtection;
|
package Lemonldap::NG::Portal::Plugins::BruteForceProtection;
|
||||||
|
|
||||||
use Data::Dumper;
|
use Data::Dumper;
|
||||||
use strict;
|
use strict;
|
100
lemonldap-ng-portal/t/61-BruteForceAttackProtection.t
Normal file
100
lemonldap-ng-portal/t/61-BruteForceAttackProtection.t
Normal file
|
@ -0,0 +1,100 @@
|
||||||
|
use Test::More;
|
||||||
|
use strict;
|
||||||
|
use IO::String;
|
||||||
|
|
||||||
|
BEGIN {
|
||||||
|
require 't/test-lib.pm';
|
||||||
|
}
|
||||||
|
|
||||||
|
my $res;
|
||||||
|
|
||||||
|
my $client = LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
|
ini => {
|
||||||
|
logLevel => 'error',
|
||||||
|
authentication => 'Demo',
|
||||||
|
userDB => 'Same',
|
||||||
|
loginHistoryEnabled => 1,
|
||||||
|
brutForceProtection => 1,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
## First successful connection
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/',
|
||||||
|
IO::String->new('user=dwho&password=dwho'),
|
||||||
|
length => 23,
|
||||||
|
accept => 'text/html',
|
||||||
|
),
|
||||||
|
'Auth query'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
my $id1 = expectCookie($res);
|
||||||
|
expectRedirection( $res, 'http://auth.example.com/' );
|
||||||
|
|
||||||
|
$client->logout($id1);
|
||||||
|
|
||||||
|
## Second successful connection
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/',
|
||||||
|
IO::String->new('user=dwho&password=dwho'),
|
||||||
|
length => 23,
|
||||||
|
accept => 'text/html',
|
||||||
|
),
|
||||||
|
'Auth query'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
$id1 = expectCookie($res);
|
||||||
|
expectRedirection( $res, 'http://auth.example.com/' );
|
||||||
|
|
||||||
|
$client->logout($id1);
|
||||||
|
|
||||||
|
|
||||||
|
## First failed connection
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/',
|
||||||
|
IO::String->new('user=dwho&password=ohwd'),
|
||||||
|
length => 23
|
||||||
|
),
|
||||||
|
'Auth query'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
expectReject($res);
|
||||||
|
|
||||||
|
## Second failed connection
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/',
|
||||||
|
IO::String->new('user=dwho&password=ohwd'),
|
||||||
|
length => 23
|
||||||
|
),
|
||||||
|
'Auth query'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
expectReject($res);
|
||||||
|
|
||||||
|
## Third failed connection
|
||||||
|
my $start = time;
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/',
|
||||||
|
IO::String->new('user=dwho&password=ohwd'),
|
||||||
|
length => 23,
|
||||||
|
accept => 'text/html',
|
||||||
|
),
|
||||||
|
'Auth query'
|
||||||
|
);
|
||||||
|
my $stop = time;
|
||||||
|
count(1);
|
||||||
|
|
||||||
|
my $wait = $stop - $start;
|
||||||
|
ok($wait > 29 && $wait < 32, "Waiting time = $wait");
|
||||||
|
count(1);
|
||||||
|
|
||||||
|
clean_sessions();
|
||||||
|
|
||||||
|
done_testing( count() );
|
Loading…
Reference in New Issue
Block a user