[openstack-dev] [keystone][security] New BP for anti brute force in keystone
julien at danjou.info
Thu Jan 14 08:52:23 UTC 2016
On Wed, Jan 13 2016, Morgan Fainberg wrote:
> A standard method of rate limiting for OpenStack services would be a good
> thing to figure out.
Apache used as a daemon for WSGI application (e.g. like we do by default
in devstack) has support for rate limit for decades – see mod_ratelimit
So this is a problem we really want to solve in OpenStack – unless we're
really getting bored or victims of the NIH syndrom.
Now, that does mean that other protection methods (as suggested in the
original blueprint proposal) should not be implemented, but this one
shouldn't be reinvented for sure.
# Free Software hacker
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 800 bytes
Desc: not available
More information about the OpenStack-dev