Make it easier to disable BruteForceLocker (#1345)

Wojciech Kapcia (Tigase) opened 3 years ago

Currently, to disable BruteForceLocker one has to disable it in the configuration and for each VHost, which is somewhat inconvenient. It should be possible to simply set disable BruteForceLockerBean but currently this could lead to NPEs.

All injections of BruteForceLockerBean should be configured with nullAllowed = true and proper checks should be added.

Add information to the documentation as well.

Activities

Wojciech Kapcia (Tigase) commented 3 years ago

Change is now implemented. BruteForceLocker bean has been pulled up and encapsulated in AbstractAuthPreprocessor. Sasl plugins were refactored a bit to SaslAuthAbstract to reduce code duplication.
Wojciech Kapcia (Tigase) batch edited 1 year ago
Name Previous Value Current Value
Iterations
empty
tigase-server-8.4.0
Login to comment

Name	Previous Value	Current Value
Iterations	empty	tigase-server-8.4.0

Type	Bug
Priority	Normal
Assignee	Wojciech Kapcia (Tigase)
Version	tigase-server-8.4.0

Iterations

tigase-server-8.4.0 Closed

Issue Votes (0)

Watchers (2)

Reference

tigase/_server/server-core#1345