reCaptcha integration with IDPv3

Thomas Colin de Verdière tdeverdiere at
Tue Apr 23 11:09:51 EDT 2019


This subject has been discussed a while ago (2016-01-22) between joller_lee
and Scott Cantor.

My Target : Trying to integrate Recaptcha on the login after 5 attempts
with the same user id.

Joller did not mention the number of attempts in his answer. But he
described his tricky solution.

Did this feature has been implemented yet in Shibboleth ? Are there code
sources available for it ?

joller said :
Finally, I found a way to accomplish it, but in a quite tricky manner:

1. Add an "on-entry" element to the "ValidateUsernamePassword" action-state
in conditions-flow.xml,
    which is the parent state of all those with the same name.
    In the "on-entry" element, the reCaptcha validation is done,
    and if it fails, the `username' property of the UsernamePasswordContext
is set to null
    to prevent the LDAP authentication from being successful.
2. After the LDAP authentication fails, the transitions in the parent state
will be checked.
    So add one that checks the previous reCaptcha validation result and, on
failure, add some
    error message for display.

Thomas de Verdière

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list