From: | Lukasz Brodziak <lukasz(dot)brodziak(at)gmail(dot)com> |
---|---|
To: | Frank Cavaliero <fcavalie(at)us(dot)ibm(dot)com> |
Cc: | pgsql-admin(at)postgresql(dot)org |
Subject: | Re: Failed Login Attempts parameter |
Date: | 2012-11-15 08:48:47 |
Message-ID: | CAGWYGjUgOwXbwpP3dYmojnSAy+uR7uMnA4dPZ1n0D-3ULcxk9w@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
A little suplement to previous answer You can also automate GRANT process
by creating a table called e.g. locked_users containing role name and
revoke timestamp then make a function that will check the time passed since
revoking permissions for each user and if it will by equal or higher than
time given e.g. 24 hours it will run GRANT LOGIN on the role.
2012/11/15 Lukasz Brodziak <lukasz(dot)brodziak(at)gmail(dot)com>
> Hi,
>
> As far as I know there is no such parameter in PG. If you use PG as a
> database for your program you can implement the feature in the appplication
> by logging the failed logins in separate table(or the one holding
> application users and their passwords) and then disable login for the user
> if number of failures is bigger than specified value.
> Another way is to create a function in postgresql which will check failed
> login count and if the attempts go bigger than specified number it will run
> a REVOKE on the user role thus disabling login. Then admin will have to run
> GRANT for the user manually.
>
>
> 2012/11/14 Frank Cavaliero <fcavalie(at)us(dot)ibm(dot)com>
>
>> Hi,
>>
>> I've been searching the web and reviewing documentation, but I cannot
>> find any reference to whether or not a parameter, for example,
>> failed_login_attempts, exists in PostgreSQL that determines the number of
>> attempts a user can make before being locked. In addition, if such a
>> parameter or similar setup exists, is there also some database object that
>> provides a current count of the failed login attempts?
>>
>> Thanks,
>> Frank
>>
>>
>> *Frank Cavaliero*
>>
>> *Database Administrator*
>>
>> *IBM Infosphere Guardium*
>>
>> *IBM Software Group, Information Management*
>>
>> *978-899-3635 - Direct*
>>
>> For Technical Services Support Please Call 978-899-9195.
>>
>>
>> This communication is intended only for the use of the individual or
>> entity named as the addressee. It may contain information which is
>> privileged and/or confidential under applicable law. If you are not the
>> intended recipient or such recipient's employee or agent, you are hereby
>> notified that any dissemination, copy or disclosure of this communication
>> is strictly prohibited. If you have received this communication in error,
>> please immediately notify us at 978-899-9195 or notify the sender by
>> reply e-mail and expunge this communication without making any copies.
>> Thank you for your cooperation.
>>
>>
>>
>>
>
>
> --
> Łukasz Brodziak
> "Do you bury me when I'm gone
> Do you teach me while I'm here
> Just as soon I belong
> Then it's time I disappear"
>
--
Łukasz Brodziak
"Do you bury me when I'm gone
Do you teach me while I'm here
Just as soon I belong
Then it's time I disappear"
From | Date | Subject | |
---|---|---|---|
Next Message | Albe Laurenz | 2012-11-15 08:54:47 | Re: Query Stuck in running server |
Previous Message | Lukasz Brodziak | 2012-11-15 08:40:09 | Re: Failed Login Attempts parameter |