advanced Apache authorization: updates triggered by select?
| От | Holger Marzen |
|---|---|
| Тема | advanced Apache authorization: updates triggered by select? |
| Дата | |
| Msg-id | Pine.LNX.4.44.0209171633500.17072-100000@bluebell.marzen.de обсуждение исходный текст |
| Ответы |
Re: advanced Apache authorization: updates triggered by select?
|
| Список | pgsql-general |
Hi boys (and girls)? Authorization to web contents can be eaysily done with some Apache modules like mod_auth_pgsql (I wrote a little summary some time ago on http://bluebell.marzen.de/mod_auth_pgsql/). But what if we need some kind of protection agains brute force attacks? The modules are usually designed to do only selects. Is it possible to write some kind of magic that updates the same or another table at the same time? For every select there should automagically the following logic be triggered: - If userid/password is correct then set a counter for this userid to zero. - If userid/password is not correct then increment the counter for this userid. That should be enough because the password check could include something like "and counter <= 5". Any ideas? -- PGP/GPG Key-ID: http://blackhole.pca.dfn.de:11371/pks/lookup?op=get&search=0xB5A1AFE1
В списке pgsql-general по дате отправления: