thanks i'll look into it On Mon, Oct 7, 2019 at 3:36 AM Mark Thomas <ma...@apache.org> wrote:
> On 06/10/2019 20:31, Alex O'Ree wrote: > > i have a password protected web app and would like to provide users with > > the ability to self register for a new account. looks like the easiest > way > > to do this with tomcat is with a jdbc realm to protect the web app and > > anonymous access to the self registration app. > > > > a few questions on this. > > > > is there a pre made app that could be used for the user account creation > > app? i'll probably need something for admins to revoke accounts, disable > > accounts, edit role memberships etc. ugh, and then there is user password > > resets and complexity requirements... some kind of captcha thing to > prevent > > bots. i also need to track and report to the user when a password > expires, > > last login ip address and user agent field. quite a bit of stuff to > write. > > if there is something available that is asf license compatible, i'd love > to > > hear about it. > > CAS: > https://www.apereo.org/projects/cas > > I think CAS does everything you asked for. > > Spring Security is the other option that comes to mind but my > understanding is that you'd need to build some of the management UIs > yourself. > > Mark > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
