Tigase Forge
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
server-core
Code
Pull Requests
Issues
List
Boards
Iterations
Timesheets
Builds
Packages
Statistics
Child Projects
OneDev 10.9.4
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects tigase _server server-core Issues #1345
Make it easier to disable BruteForceLocker (#1345)
Closed
wojciech.kapcia@tigase.net opened 1 year ago

Currently, to disable BruteForceLocker one has to disable it in the configuration and for each VHost, which is somewhat inconvenient. It should be possible to simply set disable BruteForceLockerBean but currently this could lead to NPEs.

All injections of BruteForceLockerBean should be configured with nullAllowed = true and proper checks should be added.

Add information to the documentation as well.
wojciech.kapcia@tigase.net commented 1 year ago

Change is now implemented. BruteForceLocker bean has been pulled up and encapsulated in AbstractAuthPreprocessor. Sasl plugins were refactored a bit to SaslAuthAbstract to reduce code duplication.
wojciech.kapcia@tigase.net batch edited 3 months ago
Name Previous Value Current Value 
Iterations
 empty 
tigase-server-8.4.0
issue 1 of 1
Type
Bug
Priority
Normal
Assignee
wojciech.kapcia@tigase.net
Version
tigase-server-8.4.0
Iterations
Related
  • Customers/carnow-inc#112 You are not authorized to access this issue
  • Customers/carnow-inc#139 You are not authorized to access this issue
Issue Votes (0)
Login to vote
Watchers (2)
Reference
tigase/_server/server-core#1345
Please wait...
Page is in error, reload to recover