=?UTF-8?B?5oiQ5LmL54SV?= <zhcheng@ceresdata.com> writes:
> The attached patch is a contrib module to set login restrictions on users with
> too many authentication failure. The administrator could manage several GUC
> parameters to control the login restrictions which are listed below.
> - set the wait time when password authentication fails.
> - allow the wait time grows when users of the same IP consecutively logon failed.
> - set the maximum authentication failure number from the same user. The system
> will prevent a user who gets too many authentication failures from entering the
> database.
I'm not yet forming an opinion on whether this is useful enough
to accept. However, I wonder why you chose to add this functionality
to auth_delay instead of making a new, independent module.
It seems fairly unrelated to what auth_delay does, and the
newly-created requirement that the module be preloaded might
possibly break some existing use-case for auth_delay.
Also, a patch that lacks user documentation and has no code comments to
speak of seems unlikely to draw serious review.
regards, tom lane
