Authentication

Simon Bartlett edited this page Feb 10, 2015 · 25 revisions

We support three methods of authentication:

  • Local
  • Kerberos
  • LDAP

To configure which authentication providers are used, modify the `auth.providers` property.

The following activates only local authentication:

auth:
  providers: [local]

This activates both Kerberos and local authentication:

auth:
  providers: [kerberos, local]

The order in which providers are listed matters; as a user tries to authenticate, they will be authenticated against each provider in the order they're listed.

## Authentication providers

### Local authentication

auth:
  local:
    enableRegistration: true
    passwordRegex: ^.{8,64}$

### Kerberos authentication

See here


### LDAP authentication

[See here](https://github.com/sdelements/lets-chat-ldap)

## Login throttling

Minimize password-guessing attacks by throttling login. After `auth.throttling.threshold` failed login attempts for a user, no more attempts can be made until a period of time elapses. This period of time grows exponentially with the number of failed attempts until a maximum of 24 hours is reached.

auth:
  throttling:
    enable: true
    threshold: 3
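
The lockout schedule described above, as an added example (not Let's Chat's own code): a per-user throttle in JavaScript. The one-minute first lockout and the doubling factor are assumptions, since the page states only the threshold and the 24-hour ceiling; `LoginThrottle` and its method names are hypothetical.

```javascript
// Added example: per-user login throttle with an exponentially growing lockout.
const MAX_LOCK_MS = 24 * 60 * 60 * 1000; // 24-hour ceiling, as stated on the page
const BASE_LOCK_MS = 60 * 1000;          // ASSUMPTION: first lockout lasts 1 minute

class LoginThrottle {
  constructor({ threshold = 3, baseMs = BASE_LOCK_MS, maxMs = MAX_LOCK_MS } = {}) {
    this.threshold = threshold;
    this.baseMs = baseMs;
    this.maxMs = maxMs;
    this.state = new Map(); // normalised username -> { failures, lockedUntil }
  }

  // Normalise so "Alice" and "alice " share one counter.
  key(username) {
    return String(username).trim().toLowerCase();
  }

  // Lock duration after `failures` consecutive failures (0 while under threshold).
  lockDuration(failures) {
    if (failures < this.threshold) return 0;
    // Clamp the exponent so a very large failure count cannot overflow.
    const exponent = Math.min(failures - this.threshold, 30);
    return Math.min(this.maxMs, this.baseMs * 2 ** exponent);
  }

  // Milliseconds the user must still wait; 0 means an attempt may proceed.
  // Call this before checking the password, and skip the check while locked.
  retryAfter(username, now = Date.now()) {
    const entry = this.state.get(this.key(username));
    return entry ? Math.max(0, entry.lockedUntil - now) : 0;
  }

  // Record the outcome of an attempt that was allowed; returns the new lock in ms.
  record(username, success, now = Date.now()) {
    const key = this.key(username);
    if (success) {
      this.state.delete(key); // a successful login resets the counter
      return 0;
    }
    const entry = this.state.get(key) || { failures: 0, lockedUntil: 0 };
    entry.failures += 1;
    const lock = this.lockDuration(entry.failures);
    entry.lockedUntil = now + lock;
    this.state.set(key, entry);
    return lock;
  }
}
```

Because the counter is keyed by username, repeated failures against a known account lock its legitimate owner out as well, so lockout events are worth logging and alerting on.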