Hi! Thank you for your response! I really appreciate it.
"[EMAIL PROTECTED]" wrote : There is no garuntee on how many times the authenticate method will be called. | <..snip..> | That's bad :( I'm facing the situation that the database is counting the login attempts and blocks the account, when an invalid password is provided three times. How would I deal with the fact, that I don't know how often the Authenticator.authenticate() method is called? Does this mean, that I can't use the build-in identity component? Could you explain, why the method could be called multiple times within the same request-response-cycle? I thought, if the action method returns "false" then a simple re-rendering of the page is performed. Regarding the exceptions, I do have a try/catch(Exception e) in my dbAccess.authenticate() method - nothing is captured there... Best Regards, Kurt View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4098278#4098278 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4098278 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user