maxFailures value of -1 is not honored #14

Open
skoranda opened this issue Oct 11, 2014 · 1 comment
@skoranda

If one sets in multi-context-broker.xml

-1

then, instead of an "unlimited number of login failures" as indicated by the documentation, the IdP will send the user back to the SP with a SAML error after the first login failure.

I believe this is because of this if() statement in MCBLoginServlet.java:

if (principal.getFailedCount() >= mcbConfig.getMaxFailures())

With maxFailures set to -1 that test will always be true after the first login failure.

Something like

if ((principal.getFailedCount() >= mcbConfig.getMaxFailures()) && (mcbConfig.getMaxFailures() != -1))

appears to fix the issue.
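The behaviour reported above, reproduced as a standalone added example (not part of the original issue and not the project's code). Only the comparison and the -1 sentinel come from the issue; the class `LockoutCheck` and its method names are hypothetical.

```java
// Added illustration. LockoutCheck and its methods are hypothetical names;
// they stand in for the check quoted from MCBLoginServlet.java in the issue.
public class LockoutCheck {
    // Sentinel that the documentation describes as "unlimited number of login failures".
    static final int UNLIMITED = -1;

    // Comparison as quoted in the issue: the sentinel is compared like a real limit,
    // so any failedCount >= 1 is already >= -1.
    static boolean limitReachedOriginal(int failedCount, int maxFailures) {
        return failedCount >= maxFailures;
    }

    // Same decision as the fix proposed in the issue, with the sentinel tested first
    // so the numeric comparison only ever sees a real limit.
    static boolean limitReachedGuarded(int failedCount, int maxFailures) {
        if (maxFailures == UNLIMITED) {
            return false;
        }
        return failedCount >= maxFailures;
    }

    public static void main(String[] args) {
        int[] limits = {UNLIMITED, 1, 3}; // constructed sample configuration values
        for (int max : limits) {
            for (int failed = 1; failed <= 4; failed++) {
                boolean original = limitReachedOriginal(failed, max);
                boolean guarded = limitReachedGuarded(failed, max);
                System.out.printf("maxFailures=%2d failedCount=%d original=%-5b guarded=%b%n",
                        max, failed, original, guarded);
                if (max == UNLIMITED) {
                    // The reported bug: the original check trips on the first failure,
                    // the guarded check never trips.
                    if (!original || guarded) {
                        throw new AssertionError("sentinel case behaves unexpectedly");
                    }
                } else if (original != guarded) {
                    // For a real limit the guard must not change the outcome.
                    throw new AssertionError("guard changed behaviour for limit " + max);
                }
            }
        }
    }
}
```

Running `main` prints one line per combination and throws if the guarded check ever differs from the original for a real limit, which is the regression a unit test for this fix would cover.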

@paulhethmon paulhethmon self-assigned this Jan 25, 2015
@paulhethmon

Code fixed in v 1.2.2
