Jeff,
We have recently done this using Security Filter (securityfilter.org) and a custom realm.
The realm's authenticate method(s) delegates to a business tier object that handles authentication/authorization,
including locking out users after N attempts.
Gareth Davies
-----Original Message-----
From: Nowakowski, Jeff [mailto:jnowakowski@litle.com]
Sent: Wednesday, June 04, 2003 9:38 AM
To: tomcat-user@jakarta.apache.org
Subject: Limiting login attempts
Hi,
Is there any way to limit the number of login attempts using the
security realm stuff? We're using form-based login. We'd like to
limit a user to N attempts and then display a message saying that
their account has been locked out.
-Jeff
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
|