Spring Security: how to implement Brute Force Detection (BFD)?
Posted
by Kdeveloper
on Stack Overflow
See other posts from Stack Overflow
or by Kdeveloper
Published on 2010-04-21T08:42:26Z
Indexed on
2010/04/21
9:03 UTC
Read the original article
Hit count: 623
My web applications security is handled by Spring Security 3.02 but I can't find any out of the box support for Brute Force Detection.
I would like to implement some application level BFD protection. For example by storing failed login attempt per user in the database (JPA). The attacked user accounts could then get a lockout period or a forced account re-activation by e-mail.
What's the best way to implement this with Spring Security? Does any body have example code or best practices on this?
© Stack Overflow or respective owner