[keycloak-dev] Plan for final release
Bill Burke
bburke at redhat.com
Thu May 1 14:32:00 EDT 2014
On 5/1/2014 2:21 PM, Stian Thorgersen wrote:
>
>
> ----- Original Message -----
>> From: "Bill Burke" <bburke at redhat.com>
>> To: "Stian Thorgersen" <stian at redhat.com>
>> Cc: keycloak-dev at lists.jboss.org
>> Sent: Thursday, 1 May, 2014 5:12:32 PM
>> Subject: Re: [keycloak-dev] Plan for final release
>>
>> Brute force needs to be integrated with code as it has to refuse before
>> the login screen is even shown (by IP address) or after the user
>> attempts to login (by username).
>
> Could we do it by adding more events? We could have events both before/after login?
>
> That would allow us to plug-in other things to the login-cycle, and you could also re-use the same event handlers for social and SAML logins. We could have built-in event handlers, but also let users register their own through the SPI.
>
It would have to be an SPI or something of which any of the interceptors
could abort the login.
>>
>> I really want the ability to redirect the user to a account management
>> warning screen that says something like "You logged into your account
>> from China. Was that you? If not, you might want to change your
>> credentials".
>
> Only China? Might be worth considering North Korea as well ;)
>
My gmail got hacked from China once, so I'm biased against them ;)
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list