-
1. Re: User lock out if there was too many failed attempts
I think you'll have to implement a custom login module in your application to do that. You can just extend it from the DatabaseServerLoginModule if you want the existing functionality from that login module.
-
2. Re: User lock out if there was too many failed attempts
Thank you for providing info how to do it. I will extend DatabaseServerLoginModule and probably LdapLoginModule as well. Should I put my classes in JBoss modules, application lib or somewhere else?
Thanks
Lukasz -
3. Re: User lock out if there was too many failed attempts
Lukasz Szymik wrote:
Thank you for providing info how to do it. I will extend DatabaseServerLoginModule and probably LdapLoginModule as well. Should I put my classes in JBoss modules, application lib or somewhere else?
Thanks
LukaszStarting 7.1.1.Final, you are allowed to package them in a module of your own and then use the "module" attribute of the login-module element in the security subsystem of standalone/domain.xml file.
P.S: A user has recently reported that there might be a potential bug in this area where the correct module isn't being used for loading the loginmodule. We are investigating it, but if you too run into that issue, feel free to report it in the forums.