[ http://jira.codehaus.org/browse/CONTINUUM-796?page=comments#action_73342 ] Carlos Sanchez commented on CONTINUUM-796: ------------------------------------------
We need to inject an ApplicationEventPublisher into ProviderManager that will process the AuthenticationFailurePasswordEvent as said before. Actually seems that it's not AuthenticationFailurePasswordEvent but AuthenticationFailureBadCredentialsEvent. There's a long list of possible events that inherit from AbstractAuthenticationFailureEvent, http://acegisecurity.org/multiproject/acegi-security/apidocs/org/acegisecurity/event/authentication/AbstractAuthenticationFailureEvent.html > Disable account on login failures > --------------------------------- > > Key: CONTINUUM-796 > URL: http://jira.codehaus.org/browse/CONTINUUM-796 > Project: Continuum > Issue Type: Sub-task > Reporter: Carlos Sanchez > > We can hook into acegi authz event system to get unsuccessful logins and add > the counter. > After a definer number (eg. 3) of unsucessful consecutive logins the account > must be disabled. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
