https://bz.apache.org/bugzilla/show_bug.cgi?id=63336
Mark Thomas <ma...@apache.org> changed: What |Removed |Added ---------------------------------------------------------------------------- OS| |All Resolution|--- |WONTFIX Status|NEW |RESOLVED --- Comment #1 from Mark Thomas <ma...@apache.org> --- This has been discussed previously and will not be implemented in Tomcat since informing an attacker that an account has been locked is a (minor) security vulnerability. Users are free to extend Tomcat to provide this functionality in their apps if they wish. Requests to modify Tomcat to make this sort of extension easier are likely to be looked on favourably - especially if patches are provided. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org