-
Jul 10th, 2012, 04:23 AM
#1
Spring Security API 3.1 additional functionality requirement.
Hi all,
We are trying to implement the spring security in web application. The functionalities user enabling/disabling, password encryption are fine. But we are looking for following functonalities as per company's security guide-lines.
1. Password strength ( should be minimum 8 character length, must use special characters etc.)
2. Auto-locking of user if maximum log-in attempts fail.
3. Password must change at first log-in
4. Password must be change in specific intervals.
Is there is any in-built security features for the above, or we have to customized solution. we are using standard database schema provided with the Security API. I do not seen any column defined for above functionalities.
Please help
Regards
Narendra Dhande
-
Jul 10th, 2012, 06:02 AM
#2
You have to implement that yourself. Spring Security is about protecting resources it isn't user management (although there is a rudementary API for that).
-
Jul 10th, 2012, 08:27 AM
#3
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Reply With Quote