Announcement Announcement Module
No announcement yet.
Spring Security API 3.1 additional functionality requirement. Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security API 3.1 additional functionality requirement.

    Hi all,

    We are trying to implement the spring security in web application. The functionalities user enabling/disabling, password encryption are fine. But we are looking for following functonalities as per company's security guide-lines.

    1. Password strength ( should be minimum 8 character length, must use special characters etc.)
    2. Auto-locking of user if maximum log-in attempts fail.
    3. Password must change at first log-in
    4. Password must be change in specific intervals.

    Is there is any in-built security features for the above, or we have to customized solution. we are using standard database schema provided with the Security API. I do not seen any column defined for above functionalities.

    Please help


    Narendra Dhande

  • #2
    You have to implement that yourself. Spring Security is about protecting resources it isn't user management (although there is a rudementary API for that).


    • #3
      Thanks Marten.