Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-297

Account Lockout

    XMLWordPrintable

Details

    Description

      One issue to consider is that we are using realms to integrate with existing user stores so may not be able to update the remote store: -

      • Consider an option to update the remote store if possible.
      • If not cache a backlisted user until an admin unlocks that account

      Before being implemented this feature will require further discussion, in additional to locking mechanisms for unlocking should also be considered and also the potentional for denail of service type attacks based on locking out the administrators.

      Attachments

        Issue Links

          is related to

          Enhancement - An enhancement to or refactoring of existing functionality that is not configurable by an end user (typically a change made by an internal team that affects users) ELY-313 Add event notification API to realms

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: