You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jones Scott - sjones <Sc...@acxiom.com> on 2006/11/30 21:58:24 UTC

[users@httpd] How to Lock a user out after 3 bad attempts

Is there a module that will work with AuthDBI to help lock a user out
after 3 bad attempts

 

________________________________

From: Jones Scott - sjones [mailto:Scott.Jones@acxiom.com] 
Sent: Wednesday, November 29, 2006 9:46 AM
To: users@httpd.apache.org
Subject: [users@httpd] Apache AuthDBI cache

 

I need a way to flush the cache that is held by AuthDBI.  Has anybody
done this?  And how?

 

Thanks

************************************************************************
*
The information contained in this communication is confidential, is
intended only for the use of the recipient named above, and may be
legally privileged.
 
If the reader of this message is not the intended recipient, you are 
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited.
 
If you have received this communication in error, please resend this
communication to the sender and delete the original message or any copy
of it from your computer system.
 
Thank you.
************************************************************************
*

Re: [users@httpd] How to Lock a user out after 3 bad attempts

Posted by Joshua Slive <jo...@slive.ca>.
On 11/30/06, Jones Scott - sjones <Sc...@acxiom.com> wrote:
>
>
>
>
> Is there a module that will work with AuthDBI to help lock a user out after
> 3 bad attempts

Not that I know of.  It is a harder problem than it might appear to
be.  Since HTTP is stateless, you'd need to write to a database on
each failed authentication attempt, and then figure out some way to
keep the database fresh.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org