Massive authentications from SP GoogleApps

Miguel Salinas Vivancos msalinas at
Wed Sep 4 02:23:38 EDT 2019

Sure it's one option but in our case we have several times a year that the ratio will be 3 times greater than the usual, so I think it's better not to establish limits.
As you said if there isn't much supervision (same average number of logins all the year) it's a good choice.

Miguel Salinas Vivancos
Identity Management Integrator 
Tel.: +34 639 198 154 - mail:msalinas at

Grupo SIA
Citypark, Edificio Atenas, Ctra. Hospitalet 147. 08940 Cornellá de Llobregat - Barcelona  - Twitter: @SIA_es  - LinkedIn: Grupo SIA

-----Mensaje original-----
De: users [mailto:users-bounces at] En nombre de Cantor, Scott
Enviado el: martes, 3 de septiembre de 2019 18:52
Para: Shib Users
Asunto: Re: Massive authentications from SP GoogleApps

On 9/3/19, 12:24 PM, "users on behalf of Jim Fox" <users-bounces at on behalf of fox at> wrote:

> We have an F5 in front of our IdP.  It blocks a source address on 20 hits
> in 5 seconds, or 50 in 10 seconds, something like that.  After a minute
> the address is re-permitted.  It needs no supervision and I've never
> gotten any complaints.

Yeah, pretty much what I had in mind. I think Apache modules exist for similar purposes.

-- Scott

For Consortium Member technical support, see
To unsubscribe from this list send an email to users-unsubscribe at

More information about the users mailing list