Refactor #22778
closed
Allow admin to opt-out from the Brute-force attack protection
Description
Implementation of http://projects.theforeman.org/issues/4238 introduced a BFA protection, however this is not configurable at all (enable/disable, number of retries, blacklist timeout, etc.).
It would be beneficial, if I as an admin had a way of configure or completely disable the feature.
- e.g. our automation, running on a single foreman instance executes multiple tests, one of them being a negative tests trying an invalid authentication - this test typically lock the automation out from Foreman access, causing all further tests to fail.
Updated by Og Maciel about 6 years ago
Please consider adding this RFE as its absence right now blocks QE's automation.
Updated by Marek Hulán about 6 years ago
Interesting problem. I see we count to 30 if the login attempt fails. Does that mean that automation tried 30 times wrong password? Is that a single test that does that? Or what does the automation try to achieve? A workaround might be cleaning Rails cache, which is normally located at /usr/share/foreman/tmp/. Or you can try running foreman-rake tmp:clear
Updated by Marek Hulán about 6 years ago
- Related to Feature #4238: Protection from Brute Force Password Attacks added
Updated by The Foreman Bot almost 6 years ago
- Status changed from New to Ready For Testing
- Assignee set to Marek Hulán
- Pull request https://github.com/theforeman/foreman/pull/5619 added
Updated by Lukas Zapletal almost 6 years ago
- translation missing: en.field_release set to 353
Updated by Marek Hulán almost 6 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 086ed5bde1fa53b86a7b11395ad2f82e5269235e.
Updated by Marek Hulán over 5 years ago
- Triaged set to No
- Bugzilla link set to 1633360