Eric Norman created SLING-7939:
----------------------------------
Summary: SlingAuthenticator should post an event for login failures
Key: SLING-7939
URL: https://issues.apache.org/jira/browse/SLING-7939
Project: Sling
Issue Type: Improvement
Affects Versions: Auth Core 1.4.2
Reporter: Eric Norman
Assignee: Eric Norman
Fix For: Auth Core 1.4.4
The login failure events would be useful for the implementation of a failed
login throttling solution to prevent brute force dictionary attacks against
sling to guess user passwords. An unlimited number of failed logins should not
be allowed, but we need some way to gather the information to thwart it.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
