On Wed, Aug 4, 2010 at 11:13, JOSE FELIX HERNANDEZ BARRIO <[email protected]> wrote: > hi, > > i'm trying to implement these charecteristics: > - block a user after 5 wrong passwords > - force the user to change the password after a number of days > > i've a full java application in front of the repository, so i don't need to > implement every thing inside the securityManager. > > i've thought in creating a mix:securityRestrictions and apply it to the user > node but this is not possible due to the user node is protected. > > any hint implementing this in jackrabbi?
You could have a custom LoginModule that does these additional checks and throws some specifically marked exception that your application can react on. This module would pass the actual check on to the existing LoginModule, albeit I can't exactly tell you how to do that. The LoginModule is a separate config, and is standard JAAS: http://jackrabbit.apache.org/jackrabbit-configuration.html#JackrabbitConfiguration-Securityconfiguration Regards, Alex -- Alexander Klimetschek [email protected]
