Hi,

 

I have a requirement to restrict login attempts to Guvnor to prevent BruteForceAttacks. For authentication I am using JAAS authentication with Guvnor.

 

 

Is there any option in Guvnor/Seam/JAAS to configure such requirement ?

 

E.g., A user can try a maximum of 3 unsuccessful attempts for login. If user fails in all 3 login attempts then the user has to wait for 5 minutes.

 

 

My Environment :

1.       JBOSS EAP 6.1.0

2.       Drools-Guvnor 5.5.0-Final;

 

Thanks and Best Regards, ¬ Zahid Ahmed Senior Software Engineer | Emirates Group IT P.O. Box 686 | Dubai, United Arab Emirates T +971 4 203 3912| M +971   55 124 9171