Hi guys ,
Does jboss have any policy about the Brute Force Attack . ( The simplest way , the user try to guess the password more times ) .
Thanks !
I'm not aware of such.
This is often done long before the request reach JBoss.
For a login you might implement your own LoginModule and handle it there.