On Wed, Feb 11, 2009 at 9:49 AM, Peter Stavrinides <p.stavrini...@albourne.com> wrote: > I use an ASO as a token when signing users in, I use this small method to > introduce a time delay (if there are multiple failed attempts, I increase the > delay):
Your code doesn't delay the ASO, it delays the request processing. ;) It prevents dictionary attacks against passwords, something everyone should do. > I haven't tested it much, but it seems to work great, I was just a bit > worried if it would be thread safe or if I was doing something stupid. ApplicationStateManager (the Tapestry service that handles ASOs) is already thread-safe (it uses ConcurrentHashMap), so I guess you don't need to worry. ;) -- Thiago --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org