I tried setting xmpp.auth.retries. I then attempt to login with incorrect password multiple times and reaching the limit that i set in xmpp.auth.retries. I do not see any effects.
Is there any other way to acheive locking out users after X failed attempts? I am not using LDAP.
Best,
Barry
xmpp.auth.retries is the number of authentication retries allowed until the server disconnects the client. Assuming that the client is not explicitly disconnecting when authentication fails, it is stuck between the connection and the authentication stages. If it fails authenticatoin xmpp.auth.retries times, the server kicks it off. This “works”, so it just isn’t the property you’re looking for.
Now as to how to do the lockout, I’m not presently sure…