[jboss-user] [Security & JAAS/JBoss] - Login from different hosts and brute force prevent

LidiaEmma do-not-reply at jboss.com
Wed Feb 27 04:13:33 EST 2008


Hi all,
I developed a portal application some time ago with Jboss Portal Server 2.2 , and I was looking for a way to enhance security settings.
In particular, some users notify me that
- it is possible for a user to login from different hosts 
- there is no a limit for login attempts, so the portal is vulnerable to a brute force attack.

This JBoss instance was not setting up by me so even after some searches I wasn't able to find where to modify to enable these security setting, or, if necessary, which java class to edit and recompile...

Does anywone have experience on it and/or can help me?
Thank you so much! :)

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4132408#4132408

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4132408



More information about the jboss-user mailing list