Release 17.11.2022 | PCI DSS: reject delay
This release added custom delay functionality. You can now customize the behavior of the Ldap Adapter in case of AccessReject response:
- return response immediately (default behavior);
- return response with a constant delay;
- return response with a random (within range) delay.
To activate custom delay functionality you need to specify the following setting in the root (the whole service level) configuration file:
<add key="invalid-credential-delay" value="DELAY_VALUE" />
Examples:
<add key="invalid-credential-delay" value="0" /> - delay mode is OFF (by default).
<add key="invalid-credential-delay" value="3" /> - AccessReject response will be returned after a 3 seconds delay.
<add key="invalid-credential-delay" value="2-6" /> - in this case the delay will have a random value between 2 and 6 (including range limits).