Append all BruteForce parameters into Manager (#2646)
This commit is contained in:
Christophe Maudoux
parent
04747ff4e6
commit
c14b5c6219
|
|
@ -34,6 +34,8 @@ set to ``On``.
|
|||
- **Allowed failed login**: Number of failed login attempts allowed before account is locked
|
||||
- **Incremental lock**: Enable/disable incremental lock times
|
||||
- **Incremental lock times**: List of comma separated lock time values in seconds
|
||||
- **Maximum lock time**: Lock time values can not be higher than max lock time
|
||||
- **Maximum age**: Delta between current and last stored failed login
|
||||
|
||||
|
||||
Incremental lock time enabled
|
||||
|
|
@ -70,17 +72,8 @@ Lock time increases between each failed login attempt after allowed failed login
|
|||
Incremental lock time disabled
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
After allowed failed login attempts, user must
|
||||
wait the lock time before trying to log in again.
|
||||
To modify delta (MaxAge) between current and last stored
|
||||
failed login (300 seconds by default) edit ``lemonldap-ng.ini`` in [portal] section:
|
||||
|
||||
.. code-block:: ini
|
||||
|
||||
[portal]
|
||||
bruteForceProtectionTempo = 30
|
||||
bruteForceProtectionMaxAge = 300
|
||||
bruteForceProtectionMaxFailed = 3
|
||||
After allowed failed login attempts, user must wait
|
||||
the lock time before trying to log in again.
|
||||
|
||||
|
||||
.. attention::
|
||||
|
|
|
|||
|
|
@ -1078,6 +1078,8 @@ sub tree {
|
|||
'bruteForceProtectionMaxFailed',
|
||||
'bruteForceProtectionIncrementalTempo',
|
||||
'bruteForceProtectionLockTimes',
|
||||
'bruteForceProtectionMaxLockTime',
|
||||
'bruteForceProtectionMaxAge'
|
||||
]
|
||||
},
|
||||
'lwpOpts',
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"تفعيل",
|
||||
"bruteForceProtectionIncrementalTempo":"Incremental lock",
|
||||
"bruteForceProtectionLockTimes":"Incremental lock times",
|
||||
"bruteForceProtectionMaxAge":"Maximum age",
|
||||
"bruteForceProtectionMaxFailed":"Allowed failed logins",
|
||||
"bruteForceProtectionMaxLockTime":"Maximum lock time",
|
||||
"bruteForceProtectionTempo":"Lock time",
|
||||
"cancel":"إلغاء",
|
||||
"captcha_login_enabled":"التفعيل في استمارة تسجيل الدخول",
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"Activation",
|
||||
"bruteForceProtectionIncrementalTempo":"Incremental lock",
|
||||
"bruteForceProtectionLockTimes":"Incremental lock times",
|
||||
"bruteForceProtectionMaxAge":"Maximum age",
|
||||
"bruteForceProtectionMaxFailed":"Allowed failed logins",
|
||||
"bruteForceProtectionMaxLockTime":"Maximum lock time",
|
||||
"bruteForceProtectionTempo":"Lock time",
|
||||
"cancel":"Abbrechen",
|
||||
"captcha_login_enabled":"Activation in login form",
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"Activation",
|
||||
"bruteForceProtectionIncrementalTempo":"Incremental lock",
|
||||
"bruteForceProtectionLockTimes":"Incremental lock times",
|
||||
"bruteForceProtectionMaxAge":"Maximum age",
|
||||
"bruteForceProtectionMaxFailed":"Allowed failed logins",
|
||||
"bruteForceProtectionMaxLockTime":"Maximum lock time",
|
||||
"bruteForceProtectionTempo":"Lock time",
|
||||
"cancel":"Cancel",
|
||||
"captcha_login_enabled":"Activation in login form",
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"Activación",
|
||||
"bruteForceProtectionIncrementalTempo":"Incremental lock",
|
||||
"bruteForceProtectionLockTimes":"Incremental lock times",
|
||||
"bruteForceProtectionMaxAge":"Maximum age",
|
||||
"bruteForceProtectionMaxFailed":"Allowed failed logins",
|
||||
"bruteForceProtectionMaxLockTime":"Maximum lock time",
|
||||
"bruteForceProtectionTempo":"Lock time",
|
||||
"cancel":"Cancelar",
|
||||
"captcha_login_enabled":"Activación en formulario de acceso",
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"Activation",
|
||||
"bruteForceProtectionIncrementalTempo":"Verrouillage incrémentiel",
|
||||
"bruteForceProtectionLockTimes":"Temps de verrouillage incrémentiel",
|
||||
"bruteForceProtectionMaxAge":"Age maximum des échecs",
|
||||
"bruteForceProtectionMaxFailed":"Nombre d'échecs de connexion autorisés",
|
||||
"bruteForceProtectionMaxLockTime":"Temps maximum de verrouillage",
|
||||
"bruteForceProtectionTempo":"Temps de verrouillage",
|
||||
"cancel":"Annuler",
|
||||
"captcha_login_enabled":"Activation dans le formulaire d'authentification",
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"Attivazione",
|
||||
"bruteForceProtectionIncrementalTempo":"Incremental lock",
|
||||
"bruteForceProtectionLockTimes":"Incremental lock times",
|
||||
"bruteForceProtectionMaxAge":"Maximum age",
|
||||
"bruteForceProtectionMaxFailed":"Allowed failed logins",
|
||||
"bruteForceProtectionMaxLockTime":"Maximum lock time",
|
||||
"bruteForceProtectionTempo":"Lock time",
|
||||
"cancel":"Cancella",
|
||||
"captcha_login_enabled":"Attivazione nel modulo di login",
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"Aktywacja",
|
||||
"bruteForceProtectionIncrementalTempo":"Blokada przyrostowa",
|
||||
"bruteForceProtectionLockTimes":"Przyrostowe czasy blokady",
|
||||
"bruteForceProtectionMaxAge":"Maximum age",
|
||||
"bruteForceProtectionMaxFailed":"Dozwolone nieudane logowania",
|
||||
"bruteForceProtectionMaxLockTime":"Maximum lock time",
|
||||
"bruteForceProtectionTempo":"Czas blokady",
|
||||
"cancel":"Anuluj",
|
||||
"captcha_login_enabled":"Aktywacja w formularzu logowania",
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"Aktivasyon",
|
||||
"bruteForceProtectionIncrementalTempo":"Artan gecikme",
|
||||
"bruteForceProtectionLockTimes":"Artan gecikme zamanı",
|
||||
"bruteForceProtectionMaxAge":"Maximum age",
|
||||
"bruteForceProtectionMaxFailed":"İzin verilen başarısız girişler",
|
||||
"bruteForceProtectionMaxLockTime":"Maximum lock time",
|
||||
"bruteForceProtectionTempo":"Kilit süresi",
|
||||
"cancel":"İptal Et",
|
||||
"captcha_login_enabled":"Giriş formunda aktivasyon",
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"Kích hoạt",
|
||||
"bruteForceProtectionIncrementalTempo":"Incremental lock",
|
||||
"bruteForceProtectionLockTimes":"Incremental lock times",
|
||||
"bruteForceProtectionMaxAge":"Maximum age",
|
||||
"bruteForceProtectionMaxFailed":"Allowed failed logins",
|
||||
"bruteForceProtectionMaxLockTime":"Maximum lock time",
|
||||
"bruteForceProtectionTempo":"Lock time",
|
||||
"cancel":"Hủy",
|
||||
"captcha_login_enabled":"Kích hoạt ở dạng đăng nhập",
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"激活",
|
||||
"bruteForceProtectionIncrementalTempo":"Incremental lock",
|
||||
"bruteForceProtectionLockTimes":"Incremental lock times",
|
||||
"bruteForceProtectionMaxAge":"Maximum age",
|
||||
"bruteForceProtectionMaxFailed":"Allowed failed logins",
|
||||
"bruteForceProtectionMaxLockTime":"Maximum lock time",
|
||||
"bruteForceProtectionTempo":"Lock time",
|
||||
"cancel":"取消",
|
||||
"captcha_login_enabled":" 登录激活",
|
||||
|
|
|
|||
|
|
@ -126,7 +126,9 @@
|
|||
"bruteForceProtection":"啟用",
|
||||
"bruteForceProtectionIncrementalTempo":"增量鎖",
|
||||
"bruteForceProtectionLockTimes":"增量鎖時間",
|
||||
"bruteForceProtectionMaxAge":"Maximum age",
|
||||
"bruteForceProtectionMaxFailed":"允許的失敗登入",
|
||||
"bruteForceProtectionMaxLockTime":"Maximum lock time",
|
||||
"bruteForceProtectionTempo":"鎖時間",
|
||||
"cancel":"取消",
|
||||
"captcha_login_enabled":"在登入表單中啟用",
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -39,7 +39,6 @@ my @notManagedAttributes = (
|
|||
|
||||
# Plugins parameters
|
||||
'notificationsMaxRetrieve', 'persistentSessionAttributes',
|
||||
'bruteForceProtectionMaxAge', 'bruteForceProtectionMaxLockTime',
|
||||
|
||||
# PSGI/CGI protection (must be set in lemonldap-ng.ini)
|
||||
'protection',
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
|||
PE_WAIT
|
||||
);
|
||||
|
||||
our $VERSION = '2.0.12';
|
||||
our $VERSION = '2.0.14';
|
||||
|
||||
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
||||
|
||||
|
|
@ -56,6 +56,7 @@ sub init {
|
|||
return 0;
|
||||
}
|
||||
|
||||
my $maxAge = $self->conf->{bruteForceProtectionMaxAge} || 300;
|
||||
if ( $self->conf->{bruteForceProtectionIncrementalTempo} ) {
|
||||
my $lockTimes = @{ $self->lockTimes } =
|
||||
sort { $a <=> $b }
|
||||
|
|
@ -87,14 +88,13 @@ sub init {
|
|||
$lockTimes = $self->conf->{failedLoginNumber};
|
||||
}
|
||||
|
||||
my $sum = $self->conf->{bruteForceProtectionMaxAge} *
|
||||
( 1 + $self->conf->{failedLoginNumber} - $lockTimes );
|
||||
my $sum =
|
||||
$maxAge * ( 1 + $self->conf->{failedLoginNumber} - $lockTimes );
|
||||
$sum += $_ foreach @{ $self->lockTimes };
|
||||
$self->maxAge($sum);
|
||||
}
|
||||
else {
|
||||
$self->maxAge( $self->conf->{bruteForceProtectionMaxAge} *
|
||||
( 1 + $self->maxFailed ) );
|
||||
$self->maxAge( $maxAge * ( 1 + $self->maxFailed ) );
|
||||
}
|
||||
|
||||
return 1;
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
Loading…
Reference in New Issue
Block a user