Massive authentications from SP GoogleApps
Miguel Salinas Vivancos
msalinas at bcn.sia.es
Wed Sep 4 02:23:38 EDT 2019
Sure it's one option but in our case we have several times a year that the ratio will be 3 times greater than the usual, so I think it's better not to establish limits.
As you said if there isn't much supervision (same average number of logins all the year) it's a good choice.
Miguel Salinas Vivancos
Identity Management Integrator
Tel.: +34 639 198 154 - mail:msalinas at bcn.sia.es
Grupo SIA
Citypark, Edificio Atenas, Ctra. Hospitalet 147. 08940 Cornellá de Llobregat - Barcelona
www.sia.es - Twitter: @SIA_es - LinkedIn: Grupo SIA
-----Mensaje original-----
De: users [mailto:users-bounces at shibboleth.net] En nombre de Cantor, Scott
Enviado el: martes, 3 de septiembre de 2019 18:52
Para: Shib Users
Asunto: Re: Massive authentications from SP GoogleApps
On 9/3/19, 12:24 PM, "users on behalf of Jim Fox" <users-bounces at shibboleth.net on behalf of fox at washington.edu> wrote:
> We have an F5 in front of our IdP. It blocks a source address on 20 hits
> in 5 seconds, or 50 in 10 seconds, something like that. After a minute
> the address is re-permitted. It needs no supervision and I've never
> gotten any complaints.
Yeah, pretty much what I had in mind. I think Apache modules exist for similar purposes.
-- Scott
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list