hi
i'm trying to implement these charecteristics:
- block a user after 5 wrong passwords
- force the user to change the password after a number of days
i've a full java application in front of the repository, so i don't need to
implement every thing inside the securityManager.
i've thought in creating a mix:securityRestrictions and apply it to the user
node but this is not possible due to the user node is protected.
you are on talking about jackrabbit < 2.x, right?
as of jr 2.0 the user node isn't protected any more.
but if i'm not mistaken you should be able to create child
items below the user node that would store the required
information.
apart from that: to me it looks a bit problematic if your
block is only enforced by your app and not by the repository
itself... if i was you, i would enforce that in the login
module [that's what i plan to do for the disable-user
functionality see JCR-2635].
regards
angela
any hint implementing this in jackrabbi?
thx
