This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Account Management for Gov't Use

Ron Ingram
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I'm working on a J2EE (Servlets & JSP MVC) application for use in the gov't sector. Apps in the gov't sector require account controls to be met IAW the following:

- Account Lockout after 3 failed login attempts
- Notification of failed login on next successful login
- Application account password changed every 60 days. If not, account is locked

I have a users table in the database that stores the username, password and role. I'm sure I have to add additional columns to capture failed login attempts etc but I wanted to know if someone has a good working solution or a good approach to suffice this requirement?
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic