AppFuse
APF-166

Lock out accounts after too many failed login attempts

Details

Type: New Feature
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: 1.8.2
Fix Version/s: None
Component/s: Security
Labels:
None

Description

Implement full support for Acegi's "account locked" exception condition. Lock out user accounts after a configurable number of failed login attempts. (Parameter value of 0 disables this feature.)

Requires implementation of custom version of Acegi's DaoAuthenticationProvider.

I have this code completed & tested under Struts. I will upload a patch once I test on SpringMVC also.

Activity

All
Comments
Work Log
History
Activity
Source
Reviews
Builds

Matt Raible made changes - 03/Jan/06 4:12 PM

Field	Original Value	New Value
Priority	Critical [ 2 ]	Minor [ 4 ]

People

Assignee:

Matt Raible

Reporter:

David Carter

Vote (1)

Watch (1)

Dates

Created:

19/Sep/05 10:38 PM

Updated:

08/Oct/07 1:45 PM