[RADIATOR] AuthBy DUO issue

Heikki Vatiainen hvn at open.com.au
Wed Oct 13 14:42:00 UTC 2021


On 16.8.2021 19.23, Alexander.Hartmaier at t-systems.com wrote:

> A simpler might be to mark Duo dead for a configurable number of seconds 
> after which it's marked as alive again without a check. The next 
> authentication would then either work or again trigger marking it as dead.

This solution is now in 4.25 patches and available with patch packages.

What now happens is that when CheckTimerInterval is set to 0, API 
failure sets the API status to failed as usually. When 
FailureBackoffTime, a new parameter, seconds have elapsed since the 
failure was detected, the API is considered to be working again.

In other words, this matches the behaviour quoted above with 
FailureBackoffTime being the configurable parameter for the number of 
seconds.

The default value of FailureBackoffTime is 60. If set to 0, then the API 
never remains in the failed state. Longer values avoid using the API, 
for example, when there's a need to access many different devices to 
troubleshoot timeout causes.

As always, feedback is welcome.

Thanks,
Heikki

-- 
Heikki Vatiainen
OSC, makers of Radiator
Visit radiatorsoftware.com for Radiator AAA server software


More information about the radiator mailing list