[jboss-jira] [JBoss JIRA] (AS7-1712) Implement an account lockout mechanism for domain management.

Implement an account lockout mechanism for domain management. ------------------------------------------------------------- Key: AS7-1712 URL: https://issues.jboss.org/browse/AS7-1712 Project: Application Server 7 Issue Type: Task Components: Domain Management, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Labels: Common_Authentication, Realm_Management Fix For: 7.2.0.Alpha1 One issue to consider is that we are using realms to integrate with existing user stores so may not be able to update the remote store: - - Consider an option to update the remote store if possible. - If not cache a backlisted user until an admin unlocks that account Before being implemented this feature will require further discussion, in additional to locking mechanisms for unlocking should also be considered and also the potentional for denail of service type attacks based on locking out the administrators.