]
Darran Lofthouse updated AS7-1712:
----------------------------------
Fix Version/s: 7.3.0.Alpha1
(was: 7.2.0.CR1)
Implement an account lockout mechanism for domain management.
-------------------------------------------------------------
Key: AS7-1712
URL:
https://issues.jboss.org/browse/AS7-1712
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Labels: Common_Authentication, Realm_Management
Fix For: 7.3.0.Alpha1
One issue to consider is that we are using realms to integrate with existing user stores
so may not be able to update the remote store: -
- Consider an option to update the remote store if possible.
- If not cache a backlisted user until an admin unlocks that account
Before being implemented this feature will require further discussion, in additional to
locking mechanisms for unlocking should also be considered and also the potentional for
denail of service type attacks based on locking out the administrators.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: