Poco::OSP::Auth::Data::AuthAdminServiceImpl

struct AuthParams

Library: OSP/Auth/Data
Package: Auth
Header: Poco/OSP/Auth/Data/AuthAdminServiceImpl.h

Variables

cacheSize

int cacheSize = 1024;

Size of the permissions cache.

cacheTimeout

int cacheTimeout = 60;

The timeout for the credentials cache, in seconds.

credentialsSalt

std::string credentialsSalt;

Salt for version 3 initial MD5 credentials hash (username:salt:password).

dbConnectionString

std::string dbConnectionString;

The connection string for connecting to the auth database.

dbConnector

std::string dbConnector;

The name of the database connector for the auth database.

hashVersion

int hashVersion = 3;

The version of the password has to use:

  • 1: MD5 with common salt (original, no longer considered secure)
  • 2: PBKDF2 with HMAC-SHA1 and per-user random salt
  • 3: PBKDF2 with HMAC-SHA1 and per-user random salt with additional MD5 password hashing allowing implementation of secure challenge-response authentication mechanisms such as SCRAM-SHA1 (recommended).

lockOutTime

int lockOutTime = 0;

Account lockout time in seconds after maxFailures failed login attempts. Set to 0 to disable lockout after too many login failures.

maxFailures

int maxFailures = 0;

Maximum login failures before lockout; set to 0 to disable automatic lockout on too many login failures.

neverLockOutUsers

std::set < std::string > neverLockOutUsers;

A set of usernames that should never be locked out after too many login failures. This typically includes the main administrator account, in order to prevent the administrator from being locked out through a DoS attack.

pbkdf2Iterations

int pbkdf2Iterations = 1024;

The number of iterations in the PBKDF2 algorithm.

saltLength

int saltLength = 7;

The length of the random per-user salt in bytes.