This week's giveaway is in the Java/Jakarta EE forum.
We're giving away four copies of Java EE 8 High Performance and have Romain Manni-Bucau on-line!
See  RSS feed
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I'm working on a J2EE (Servlets & JSP MVC) application for use in the gov't sector. Apps in the gov't sector require account controls to be met IAW the following:

- Account Lockout after 3 failed login attempts
- Notification of failed login on next successful login
- Application account password changed every 60 days. If not, account is locked

I have a users table in the database that stores the username, password and role. I'm sure I have to add additional columns to capture failed login attempts etc but I wanted to know if someone has a good working solution or a good approach to suffice this requirement?
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!