[horde] v4.0.9 - Account locking and tracking question

Ralf Lang lang at b1-systems.de
Fri Sep 16 18:57:09 UTC 2011


Am Freitag, 16. September 2011, 20:45:18 schrieben Sie:
> Am Freitag, den 16.09.2011, 17:15 +0200 schrieb Ralf Lang:
> > Am Freitag, 16. September 2011, 14:33:19 schrieb Torsten Krah:
> > > Hi,
> > > 
> > > changelog does mention this new feature - is this working with every
> > > auth backend (i am using imp to provide authentication via imap)?
> > > I made sure i am using Horde_Auth 1.2.0 via "pear list -c horde".
> > 
> > Yes, it's intended to work with any backend.
> > 
> > > Enabled blocking and set failed logins to 3 and ban time to 5 - entered
> > > my password wrong 3 times (validated in the logs) and next entered it
> > > correct and login was granted. I would expect login to fail.
> > > Any idea whats wrong?
> > 
> > No. What's your Horde_Core version?
> 
> Horde_Core                1.4.1   stable
> 
> > When you go to the admin/user screen and manually lock a user there, is
> > it then possible to login?
> 
> I can't lock any user there. I am not managing my users via horde, i am
> using an external authentication management via imap like mentioned
> above, that why i asked if it does work with all backends ... so it
> seems this feature is dependent, is it (in this case disabling those
> options like done with the user management screen would be useful)?
> 
> regards
> 
> Torsten

No, the feature is driver independent. It only depends on history and locks, 
both usually configured to use the default sql backend.

Can you check if false logins create any entries in the history tables?

-- 
Ralf Lang
Linux Consultant / Developer
Tel.: +49-170-6381563
Mail: lang at b1-systems.de

B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de
GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537


More information about the horde mailing list