On 06/10/2019 20:31, Alex O'Ree wrote: > i have a password protected web app and would like to provide users with > the ability to self register for a new account. looks like the easiest way > to do this with tomcat is with a jdbc realm to protect the web app and > anonymous access to the self registration app. > > a few questions on this. > > is there a pre made app that could be used for the user account creation > app? i'll probably need something for admins to revoke accounts, disable > accounts, edit role memberships etc. ugh, and then there is user password > resets and complexity requirements... some kind of captcha thing to prevent > bots. i also need to track and report to the user when a password expires, > last login ip address and user agent field. quite a bit of stuff to write. > if there is something available that is asf license compatible, i'd love to > hear about it.
CAS: https://www.apereo.org/projects/cas I think CAS does everything you asked for. Spring Security is the other option that comes to mind but my understanding is that you'd need to build some of the management UIs yourself. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
