Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[SECURITY] Add hook to implement login protection methods
Currently only the backend login is protected with an implement sleep time after login failure. This patch adds a new hook which can be used to implement a protection functionality (e.g. for detecting brute force) and moves the sleep time as default protection in the abstract user authentication class. Resolves: #59231 Releases: master, 6.2 Security-Bulletin: TYPO3-CORE-SA-2015-006 Change-Id: Idd105d07e016dbbb901c04ae6e1ff4f46b92ac49 Reviewed-on: http://review.typo3.org/40823 Reviewed-by: Helmut Hummel <helmut.hummel@typo3.org> Tested-by: Helmut Hummel <helmut.hummel@typo3.org> Reviewed-by: Benjamin Mack <benni@typo3.org> Tested-by: Benjamin Mack <benni@typo3.org>
- Loading branch information