-
1. Re: User lock out if there was too many failed attempts
jaikiran pai May 25, 2012 2:27 AM (in response to Lukasz Szymik)I think you'll have to implement a custom login module in your application to do that. You can just extend it from the DatabaseServerLoginModule if you want the existing functionality from that login module.
-
2. Re: User lock out if there was too many failed attempts
Lukasz Szymik May 25, 2012 2:58 AM (in response to jaikiran pai)Thank you for providing info how to do it. I will extend DatabaseServerLoginModule and probably LdapLoginModule as well. Should I put my classes in JBoss modules, application lib or somewhere else?
Thanks
Lukasz -
3. Re: User lock out if there was too many failed attempts
jaikiran pai May 25, 2012 3:02 AM (in response to Lukasz Szymik)Lukasz Szymik wrote:
Thank you for providing info how to do it. I will extend DatabaseServerLoginModule and probably LdapLoginModule as well. Should I put my classes in JBoss modules, application lib or somewhere else?
Thanks
LukaszStarting 7.1.1.Final, you are allowed to package them in a module of your own and then use the "module" attribute of the login-module element in the security subsystem of standalone/domain.xml file.
P.S: A user has recently reported that there might be a potential bug in this area where the correct module isn't being used for loading the loginmodule. We are investigating it, but if you too run into that issue, feel free to report it in the forums.