Newbie question... I've successfully implemented custom handlers and a service (Custom User Details Service, Authentication Success, Authentication Failure) and everything is working fine. I've now also implemented functionality that will lock an account (for a certain amount of time) if they fail authentication 3 concurrent times.
I'm now moving on to handle the scenario when a user attempts to authenticate when they have an account lock. If the lock is active > authentication should not be attempted and the user should be redirected to a locked account page/error. If the lock has expired > the lock should be removed and authentication proceeds as normal.
In the case where the account lock is active - I’ve tried implementing this in my Custom Authentication Success Handler but despite successfully forwarding the user to an account lock error page – it’s too late as the application has already authenticated the user and the user is successfully able to access secure pages directly (which is obviously wrong as their account should be locked).
I started playing around but I thought I'd check on here first for a more standard/elegant solution/approach. Should I be performing this check and these actions in the Custom User Details Service, or is there a pre-authentication handler that I could implement before the user even hits the Custom User Details Service? Any help or advice on where/how I could handle this will be much appreciated.
In your UserDetails implementations, pass true to the following values
For more details you can check the public void check(UserDetails user) in AbstractUserDetailsAuthenticationProvider class. Hope this helps somebody.
Use the following four methods as true in the UserDetails implementation class in order to prevent locking of your test account.
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }
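For the timed lock the question describes, the same four methods can carry the lock state instead of hard-coded `true`, so the `check(UserDetails user)` mentioned above rejects the login before the password is compared. This is an added example, not code from either answer; the class name `LockAwareUser`, the `lockedUntil` field and the sample accounts are assumptions.

```java
import java.time.Instant;
import java.util.Collection;
import java.util.List;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

// Added example; LockAwareUser and lockedUntil are assumed names, not from the thread.
public class LockAwareUser implements UserDetails {
    private final String username;
    private final String passwordHash;
    private final Instant lockedUntil; // end of the lock window, null if never locked

    public LockAwareUser(String username, String passwordHash, Instant lockedUntil) {
        this.username = username;
        this.passwordHash = passwordHash;
        this.lockedUntil = lockedUntil;
    }

    @Override
    public boolean isAccountNonLocked() {
        // False only while the lock window is still open. The provider's pre-authentication
        // check then throws LockedException, so the user is never authenticated.
        return lockedUntil == null || !Instant.now().isBefore(lockedUntil);
    }

    @Override public boolean isAccountNonExpired() { return true; }
    @Override public boolean isCredentialsNonExpired() { return true; }
    @Override public boolean isEnabled() { return true; }
    @Override public String getUsername() { return username; }
    @Override public String getPassword() { return passwordHash; }

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return List.of(new SimpleGrantedAuthority("ROLE_USER"));
    }

    public static void main(String[] args) {
        // Constructed sample accounts: one locked for another 15 minutes, one whose lock has ended.
        UserDetails locked = new LockAwareUser("alice", "{noop}x", Instant.now().plusSeconds(900));
        UserDetails expired = new LockAwareUser("bob", "{noop}x", Instant.now().minusSeconds(1));
        System.out.println("alice non-locked: " + locked.isAccountNonLocked());
        System.out.println("bob non-locked: " + expired.isAccountNonLocked());
    }
}
```

The custom authentication failure handler receives the `LockedException` and can send the user to the locked-account page for that exception type. An expired lock simply stops blocking, so the stored lock can be cleared on the next successful login.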