From 5289cdd7476ce382ce4b38be23fc3d1605954d2f Mon Sep 17 00:00:00 2001 From: Moritz Bunkus Date: Thu, 27 Sep 2012 15:50:11 +0200 Subject: [PATCH] =?utf8?q?Konfigurationsoption=20f=C3=BCr=20Wartezeit=20na?= =?utf8?q?ch=20fehlgeschlagenen=20Logins?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- SL/Auth.pm | 3 ++- config/kivitendo.conf.default | 4 ++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/SL/Auth.pm b/SL/Auth.pm index ed5c84543..52c2dc63d 100644 --- a/SL/Auth.pm +++ b/SL/Auth.pm @@ -194,7 +194,8 @@ sub authenticate { } sub punish_wrong_login { - sleep 5; + my $failed_login_penalty = ($::lx_office_conf{authentication} || {})->{failed_login_penalty}; + sleep $failed_login_penalty if $failed_login_penalty; } sub get_stored_password { diff --git a/config/kivitendo.conf.default b/config/kivitendo.conf.default index 879dab0b9..127eb3c56 100644 --- a/config/kivitendo.conf.default +++ b/config/kivitendo.conf.default @@ -16,6 +16,10 @@ cookie_name = kivitendo_session_id # hours. session_timeout = 480 +# The number of seconds to penalize failed login attempts. 0 disables +# it. +failed_login_penalty = 5 + [authentication/database] # Connection information for the database with the user and group # inforamtion. This information is always needed, even if LDAP is -- 2.20.1