[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Proposition of overlay explockout
- To: openldap-technical@openldap.org
- Subject: Proposition of overlay explockout
- From: David Coutadeur <david.coutadeur@gmail.com>
- Date: Fri, 21 Sep 2018 11:19:25 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=i3EKnBSQn15eo0Lt5MAJvL4h5376LqHsRBTyHyex/xQ=; b=tlhstXObopSQhFoGk8OktNr/HX4s4kHrG/IJVXDd3a59rcY6HKL/96eD544o/naBSY SI/CL6votKJt+k1WItuSI+kOauAjbO89lHLjlImYt5+kAzAm+e7X3zoK3WYDm3ehS+mx P7CBK2vgkrsCtK9ikTzqF++aE9BUmohubHGOgIeiO2IYgXVan2vSsyqA0n9xuTiqq3rZ 9n6Mscq2W6915LS5i3smAx2M8pzOFz0pG3ZUcEIcBUVcouYkEiA90puSFPfVfzXxrdkY wdI0+6GeUtHFO39rIGGAT6zj5mosQcOrYB5a7GzfUV3fXurnzqwZYswRnsOGaoz5J15q KWdw==
- In-reply-to: <20180921104521.33f93893@pink.fritz.box>
- References: <CAL017hDXz4j6DQ2jMuRcZ8p31hwTvqWWFaZfB-EGSyC0_5HXoA@mail.gmail.com> <20180921104521.33f93893@pink.fritz.box>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
Hello,
I'd like to point out a new overlay that I wrote:
https://github.com/davidcoutadeur/explockout
The aim is to require the user to wait for an exponential time before he
can authenticate again, after some failed authentications.
The overlay is quite simple: it relies on ppolicy for adding
pwdFailureTime attribute and compute the time the user has to wait.
Maybe some of you can consider it useful.
Please anyone feel free to give your opinion, comments or improvements.
Also if OpenLDAP team is interested, I would be glad to have it
incorporated in official OpenLDAP contrib modules.
David