users@glassfish.java.net

Is Glassfish j_security_check secure against brute force attacks

From: <forums_at_java.net>
Date: Thu, 5 May 2011 02:13:16 -0500 (CDT)

 I'm building a Web application that would go live soon. I want to use a
JDBC Realm and the default glassfish j_security_check to authenticate my
users. however It seems pretty simple to me. I want to be able to prevent
brute force attacks on my site. so far, putting in the wrong user name and
password multiple times doesn't seem to cause any kind of red flag to be
raised.

I understand that the other option will be to create custom login modules and
callback handlers etc. but I would really like to keep things as simple as
possible.I would appreciate if anyone can tell me the various security
features that glassfish offers.

Thanks


--
[Message sent by forum member 'greenkode']
View Post: http://forums.java.net/node/798494