Package com.broadleafcommerce.auth.user.autoconfigure

Class UserLockoutProperties

java.lang.Object
com.broadleafcommerce.auth.user.autoconfigure.UserLockoutProperties
@ConfigurationProperties(prefix="broadleaf.auth.user-lockout") public class UserLockoutProperties extends Object
Optional properties when handling user lockout due to failed login attempts. These will be used if no lockout settings are present on an authorization server. If no default lockout behavior is desired, these properties should not be set. See also AuthorizationServer

  • Constructor Details

    • UserLockoutProperties

      public UserLockoutProperties()

  • Method Details

    • getFailedLoginAttemptsAllowed

      public Integer getFailedLoginAttemptsAllowed()
      How many failed login attempts are allowed before a user is locked out. Zero or null indicates unlimited login attempts.

    • getFailedResetPasswordAttemptsAllowed

      public Integer getFailedResetPasswordAttemptsAllowed()
      How many failed reset password attempts are allowed before a user is locked out. Zero or null indicates unlimited reset password attempts.

    • getFailedChangePasswordAttemptsAllowed

      public Integer getFailedChangePasswordAttemptsAllowed()
      How many failed change password attempts are allowed before a user is locked out. Zero or null indicates unlimited change password attempts.

    • getLockoutDurationMinutes

      public Long getLockoutDurationMinutes()
      The time, in minutes, a user is locked out if they exceed the allowed number of failed login attempts. Null indicates unlimited lockout duration.

    • getLoginFailDecayMinutes

      public Long getLoginFailDecayMinutes()
      How long, in minutes, it takes for failed login attempts to "decay". Failed login attempts that have decayed will not be taken into account when determining if a user should be locked out. Null indicates attempts never decay.

    • getResetPasswordFailDecayMinutes

      public Long getResetPasswordFailDecayMinutes()
      How long, in minutes, it takes for failed reset password attempts to "decay". Failed reset password attempts that have decayed will not be taken into account when determining if a user should be locked out. Null indicates attempts never decay.

    • getChangePasswordFailDecayMinutes

      public Long getChangePasswordFailDecayMinutes()
      How long, in minutes, it takes for failed change password attempts to "decay". Failed change password attempts that have decayed will not be taken into account when determining if a user should be locked out. Null indicates attempts never decay.

    • isResetPasswordUnlocksUser

      public boolean isResetPasswordUnlocksUser()
      If true, a password reset action will unlock a user on a successful password reset action. Default value is false.

    • isLockedUserCanResetPassword

      public boolean isLockedUserCanResetPassword()
      If true, a locked user can trigger a password reset. Default value is false.

    • setFailedLoginAttemptsAllowed

      public void setFailedLoginAttemptsAllowed(Integer failedLoginAttemptsAllowed)
      How many failed login attempts are allowed before a user is locked out. Zero or null indicates unlimited login attempts.

    • setFailedResetPasswordAttemptsAllowed

      public void setFailedResetPasswordAttemptsAllowed(Integer failedResetPasswordAttemptsAllowed)
      How many failed reset password attempts are allowed before a user is locked out. Zero or null indicates unlimited reset password attempts.

    • setFailedChangePasswordAttemptsAllowed

      public void setFailedChangePasswordAttemptsAllowed(Integer failedChangePasswordAttemptsAllowed)
      How many failed change password attempts are allowed before a user is locked out. Zero or null indicates unlimited change password attempts.

    • setLockoutDurationMinutes

      public void setLockoutDurationMinutes(Long lockoutDurationMinutes)
      The time, in minutes, a user is locked out if they exceed the allowed number of failed login attempts. Null indicates unlimited lockout duration.

    • setLoginFailDecayMinutes

      public void setLoginFailDecayMinutes(Long loginFailDecayMinutes)
      How long, in minutes, it takes for failed login attempts to "decay". Failed login attempts that have decayed will not be taken into account when determining if a user should be locked out. Null indicates attempts never decay.

    • setResetPasswordFailDecayMinutes

      public void setResetPasswordFailDecayMinutes(Long resetPasswordFailDecayMinutes)
      How long, in minutes, it takes for failed reset password attempts to "decay". Failed reset password attempts that have decayed will not be taken into account when determining if a user should be locked out. Null indicates attempts never decay.

    • setChangePasswordFailDecayMinutes

      public void setChangePasswordFailDecayMinutes(Long changePasswordFailDecayMinutes)
      How long, in minutes, it takes for failed change password attempts to "decay". Failed change password attempts that have decayed will not be taken into account when determining if a user should be locked out. Null indicates attempts never decay.

    • setResetPasswordUnlocksUser

      public void setResetPasswordUnlocksUser(boolean resetPasswordUnlocksUser)
      If true, a password reset action will unlock a user on a successful password reset action. Default value is false.

    • setLockedUserCanResetPassword

      public void setLockedUserCanResetPassword(boolean lockedUserCanResetPassword)
      If true, a locked user can trigger a password reset. Default value is false.

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • canEqual

      protected boolean canEqual(Object other)

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • toString

      public String toString()
      Overrides:
      toString in class Object