6.0.0-git
2019-03-23

[#10387] rla: Adding optional "account_suspendable" and "bad_logins" features to horde_auth
Summary rla: Adding optional "account_suspendable" and "bad_logins" features to horde_auth
Queue Horde Framework Packages
Queue Version Git master
Type Enhancement
State Resolved
Priority 1. Low
Owners
Requester lang (at) b1-systems (dot) de
Created 2011-07-26 (2797 days ago)
Due 08/30/2011 (2762 days ago)
Updated 2011-08-27 (2765 days ago)
Assigned
Resolved 2011-08-27 (2765 days ago)
Milestone
Patch No

History
2011-08-27 21:21:56 Ralf Lang (B1 Systems GmbH) State ⇒ Resolved
 
2011-08-14 12:38:35 Git Commit Comment #8 Reply to this comment
Changes have been made in Git for this ticket:

Revert "[#10387] Draft implementation of bad login counting and 
account locking for Horde_Auth_Sql" This should only be in branch This 
reverts commit 60616171e09cc24c63e899533e0280b7b1f4c064.

  2 files changed, 7 insertions(+), 164 deletions(-)
http://git.horde.org/horde-git/-/commit/24891408163114e630e67dcf800cdeb0fe81abd2
2011-08-14 12:38:27 Git Commit Comment #7 Reply to this comment
Changes have been made in Git for this ticket:

Revert "Adding new configuration fields for added capabilities in 
Horde_Auth_Sql [#10387]" This should happen in branch instead This 
reverts commit 85a058f54f65b3c1ea1c256dc5318bb17262b104.

  1 files changed, 0 insertions(+), 17 deletions(-)
http://git.horde.org/horde-git/-/commit/ffbd05b6e1d27db944f7199a325040608d2effba
2011-08-12 13:21:42 Git Commit Comment #6 Reply to this comment
Changes have been made in Git for this ticket:

Adding new configuration fields for added capabilities in 
Horde_Auth_Sql [#10387]

  1 files changed, 17 insertions(+), 0 deletions(-)
http://git.horde.org/horde-git/-/commit/85a058f54f65b3c1ea1c256dc5318bb17262b104
2011-08-12 12:43:28 Git Commit Comment #5 Reply to this comment
Changes have been made in Git for this ticket:

[#10387] Draft implementation of bad login counting and account 
locking for Horde_Auth_Sql

  2 files changed, 164 insertions(+), 7 deletions(-)
http://git.horde.org/horde-git/-/commit/60616171e09cc24c63e899533e0280b7b1f4c064
2011-08-11 13:12:53 Git Commit Comment #4 Reply to this comment
Changes have been made in Git for this ticket:

updates mysql user table for new features of [#10387]

  1 files changed, 48 insertions(+), 0 deletions(-)
http://git.horde.org/horde-git/-/commit/0ab296d075f6256f22bc74b935559b2ed34ad04d
2011-08-11 13:12:48 Git Commit Comment #3 Reply to this comment
Changes have been made in Git for this ticket:

Horde_Auth_Sql: Dynamically add 'lock' and 'badlogincount' 
capabilities depending on configuration [#10387] Do some basic sanity 
checking

  1 files changed, 60 insertions(+), 3 deletions(-)
http://git.horde.org/horde-git/-/commit/9c5ef6d16b8dbd144c95c991632e06d4c4c2b9f7
2011-08-11 11:03:42 Git Commit Comment #2 Reply to this comment
Changes have been made in Git for this ticket:

abstract part of [#10387] rla: Adding optional "account_suspendable" 
and "bad_logins" features to horde_auth - added new constant 
REASON_LOCKED to Auth class - added new capabilities 'badlogincount' 
and 'lock' to Horde_Auth_Base class - added "unsupported" stubs for 
lockUser, unlockUser, isLocked, _badLogin, _resetBadLogins - added 
conditional handling of bad logins and locked users in authenticate()

  2 files changed, 81 insertions(+), 2 deletions(-)
http://git.horde.org/horde-git/-/commit/46f3166514d720dd254d1f3f551aa7fbd577ca99
2011-07-26 15:45:06 Ralf Lang (B1 Systems GmbH) Comment #1
Type ⇒ Enhancement
State ⇒ Accepted
Priority ⇒ 1. Low
Summary ⇒ rla: Adding optional "account_suspendable" and "bad_logins" features to horde_auth
Due ⇒ 2011-08-30
Queue ⇒ Horde Framework Packages
Milestone ⇒
Patch ⇒ No
Reply to this comment
I want to add two optional features to horde_auth:

1) A field and method to signal an account has been disabled 
permanently or temporarily for some reason. (see 2)
2) A field and method for keeping track of the number of bad login attempts.

Both should only affect drivers which implement it and only if 
requested. The default should be that the count of bad logins should 
have no effect, since this could be considered a DoS-able trap. This 
feature should not BC of the API.

Reason: Request on the list for suspendable account and interest in 
this feature by myself.


Saved Queries