This week's book giveaway is in the JDBC forum.
We're giving away four copies of Make it so: Java DB Connections & Transactions and have Marcho Behler on-line!
See this thread for details.
The moose likes Servlets and the fly likes Account Management for Gov't Use Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Make it so: Java DB Connections & Transactions this week in the JDBC forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Account Management for Gov Watch "Account Management for Gov New topic

Account Management for Gov't Use

Ron Ingram
Ranch Hand

Joined: Mar 11, 2011
Posts: 73

I'm working on a J2EE (Servlets & JSP MVC) application for use in the gov't sector. Apps in the gov't sector require account controls to be met IAW the following:

- Account Lockout after 3 failed login attempts
- Notification of failed login on next successful login
- Application account password changed every 60 days. If not, account is locked

I have a users table in the database that stores the username, password and role. I'm sure I have to add additional columns to capture failed login attempts etc but I wanted to know if someone has a good working solution or a good approach to suffice this requirement?
I agree. Here's the link:
subject: Account Management for Gov't Use
It's not a secret anymore!