[keycloak-user] Brute Force Detection and login number of failure
Notarnicola, Mara
M.Notarnicola at klopotek.it
Wed Dec 23 11:36:03 EST 2015
Dear all,
We are using Keycloak 1.5.0 and we are switching to 1.7.0 version.
We have extended the AbstractUsernameFormAuthenticator and implemented our UserFederationProvider.
We currently use the Brute Force Detection to detect user login failures.
We have noted that at the first time the BruteForceProtector initializes UsernameLoginFailureModel in its failure method, so both in the FormAuthenticator and in FederationProvider, the UsernameLoginFailureModel of the current session is null.
Our problem is to disable Brute Force for a set of users, it's now possible to do this?
Thanks for your time
Mara
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151223/ac6453a4/attachment.html
More information about the keycloak-user
mailing list