[ http://issues.apache.org/jira/browse/GERONIMO-419?page=all ]
Aaron Mulder resolved GERONIMO-419:
-----------------------------------
Resolution: Fixed
Assign To: Aaron Mulder
Lockout after N failures implemented as a new login module in revision 345628
> Lockout after N failed logins
> -----------------------------
>
> Key: GERONIMO-419
> URL: http://issues.apache.org/jira/browse/GERONIMO-419
> Project: Geronimo
> Type: New Feature
> Components: security
> Versions: 1.0-M2
> Reporter: Aaron Mulder
> Assignee: Aaron Mulder
> Priority: Minor
> Fix For: 1.0
>
> It would be nice if the default security realms supported locking an account
> after a certain number of consecutive failed logins. Lacking that, it would
> be nice if they supported a configurable delay on a failed login attempt.
> Both methods help defend against brute force login attacks.
> This is a pretty low priority, but IMHO it still goes on the "nice to have"
> list.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
