Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Common Problem #3: How do I disable a user after a number of failed logins?

common disable failed logins problem user
0
Posted

Common Problem #3: How do I disable a user after a number of failed logins?

0 CommentsAdd a Comment

1 Answer

0

A common user requirement is to disable / lock an account after a number of failed login attempts. Acegi itself does not provide anything “out of the box”, however in your application you can implement and register an org.springframework.context.ApplicationListener. Inside your application event listener you can then check for an instanceof the particular AuthenticationFailureEvent and then call your application user management interface to update the user details. For example: public void onApplicationEvent(ApplicationEvent event) { // check failed event if(event instanceof AuthenticationFailurePasswordEvent){ // call user management interface to increment failed login attempts, etc. . . .

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123