Martin,
Could you please detail your answer (maybe with a simple snippet) ?
"
So do I understand correctly you want to implement server side action, which get username/password as a parameter and want to verify (using Elytron) user is stored in DB?
If so you could use request.login() in Servlet. Which will authenticate against configured Elytron security-domain.
"
I'm looking to achieve something similar. In the past I've had a custom login module that was extending DatabaseServerLoginModule. That custom login class was checking if the user tried to login too many times and would lock his account if this was the case.
I'm trying to achieve something similar but using elytron.
Is there a class from the elytron jars that I can extend to achieve this ?
I have a similar problem to yours. Could you post your Client configuration? I know it was a while ago but I hope you still help
I did a nasty workardound with that involved JMS and capturing the authentication failed event.
You can check org.wildfly.security.auth.realm.jdbc.JdbcSecurityRealm.handleRealmEvent(RealmEvent) from the elytron project and based on the event type RealmSuccessfulAuthenticationEvent or RealmFailedAuthenticationEvent do some call to your server.
I'm not saying this is the best way to do it but that's what I did.