You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2016/10/04 16:05:52 UTC

[Bug 60202] Failed LDAP connection triggers lockout realm

https://bz.apache.org/bugzilla/show_bug.cgi?id=60202

Mark Thomas <ma...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |WONTFIX
             Status|NEW                         |RESOLVED

--- Comment #1 from Mark Thomas <ma...@apache.org> ---
Given the way that the LockOutRealm works (as a Realm wrapper with no insight
into the inner workings of the Realm it wraps) there is no easy way to fix this
as it has no way to dertermine why an authentication has failed.

Additionally, most LDAP services implement their own lock out policy for failed
passwords so use of the LockOutRealm may not be necessary in this case.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org