When you capture a failed login attempt (like in your listener)... you will need to update (i.e. increment) your User's failed login attempts.
You would need some sort of user management service in your application.. basically the application code that does the (update user set login_attempt = ?
Hi all I red on the web site that it can be easy to lock an account when the
user set password wrong for n times. I define a listener that implements
ApplicationListener and capture the event AuthenticationFailurePasswordEvent.
Can someone give me a good advice to implement a secure way to