[wsas-java-dev] Security improvements to WSAS
Afkham Azeez
azeez at wso2.com
Sun Feb 4 21:27:10 PST 2007
We need to force the Admin user to change the default password the first
time he tries to login, since there is a possibility someone may forget
to change this when WSAS is used in production.
Also, we need to have some audit trails for;
1. Detecting admin login IP address & time of login
2. Detecting failed login attempts, IP address & time.
I have made the necessary changes to log & persist the above events. We
need to make the corresponding changes to the UI.
--
Afkham Azeez
GPG Fingerprint: 643F C2AF EB78 F886 40C9 B2A2 4AE2 C887 665E 0760
http://www.wso2.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://wso2.org/pipermail/wsas-java-dev/attachments/20070205/4ef7df18/signature.pgp
More information about the Wsas-java-dev
mailing list