Uploaded image for project: 'Blocking Authenticator'
  1. Blocking Authenticator
  2. AUTHBLOCK-2

Information about failed logins should not be shared across subwikis

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.0
    • Fix Version/s: 1.1
    • Component/s: api
    • Labels:
      None
    • Difficulty:
      Unknown
    • Similar issues:

      Description

      Currently all failed login attempts are stored in the same data structure, no matter from which wiki they occur. However the different subwikis might as well have different policies configured, with the odd result that a user can be blocked in one, but gets unblocked when trying to login to another wiki with a much shorter expiration time.

      The different login attempts thus should be stored by wiki. If a user does not exist in a subwiki but in the main wiki, the information should be stored in the main wiki. (If the account does not exist in any wiki, it does not matter much.)

        Attachments

          Activity

            People

            • Assignee:
              camil7 Clemens Robbenhaar
              Reporter:
              camil7 Clemens Robbenhaar
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: