Tim,
On 4/8/21 09:11, Tim K wrote:
On Wed, Apr 7, 2021, 3:43 PM Christopher Schultz <
ch...@christopherschultz.net> wrote:
You can't, using the existing API.
You might be able to do it with some nasty ThreadLocal solution, but I
think you are stuck without resorting to legerdemain.
-chris
Would it be possible to implement a new feature to the existing realm API
so it can accommodate messages passed back to the front end?
I have some sketches of something like this literally on paper somewhere
around here to create an interface for applications subscribe to
authentication events. It would, for example, allow you to write a
"failed login" record to your database that includes not only the user's
username who failed, but also their IP address (which comes from the
request, of course.
Would that kind of thing help in your use-case?
For example, when using the LockoutRealm, is there from the front-end
to alert the user that they are actually locked out?
No, it doesn't do that. You simply get an authentication failure.
Something I hadn't considered was the potential flexibility of the
JASPIC authenticator, which may be able to do stuff like this. I have
never dived-into how all that works.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
