Hi Experts,
We came across a requirement where in we want to capture attacker’s IP and client info (client-id) when end user attempts a brute force.
We have extended the brute force provider and capturing the wrong logging attempts. The problem is whenever user exceeds brute force attempt, keycloak session object in brute force provider doesn’t have actual user request and client info model and all this information is null.
My question is how to trace attacker client’s Ip and other information (like client-id) whenever brute force attempt is detected.