BruteForceDetection with Custom Authenticator and Token Encryption

adesai9999 · January 2, 2024, 11:56am

Hi,

Can we implement Custom Authentication along with Brute Force Detection and custom messages. The flow is as follows:

Application captures credentials and Calls KeyCloak endpoint.
Keycloak uses Custom Authentication- uses the data in the request and makes a backend call.
If login successfull Keycloak will generate a token and send a encrypted token like JOSE encryption back to calling application.
If the login fails continuously for number of attempts Brute Force Kicks in and LOcks the user for say 60 mins.
Keycloak Generates a Custom message and send it back to the calling application instead of Incorrect Username and Password.

Thanks
Ajay

Topic		Replies	Views
Reverse brute force attack prevention Getting advice	1	594	November 9, 2021
To which kind of auth the Brute Force Protection is applied? Securing applications authentication	0	396	March 5, 2021
Custom login password Extending the server authentication	0	351	April 4, 2022
OTP lock with Keycloak Securing applications authentication	1	562	December 16, 2021
How can I bypass the authentication	0	325	February 10, 2021