I have Apache Shiro running, but I need it running WITHPKI Authentication, in addition to the following requirements:
Need to use JAVA and RUN ON TOMCAT 8
· The system shall prevent brute-force password guessing by disabling user accounts after three incorrect login attempts.
· The system shall enforce password requirements for username / password complexity:
o Minimum of 14 characters in lengt
o Must contain all of the following character sets: uppercase letters, lowercase letters, numeric digits, special characters.
o Must contain no more than three consecutive characters from the four character classes above
o Must not contain the user's login or name
o Must be changed every 180 days and each change must:
A
§ Have at least a four character modification from the prior password
§ Not be a reused password from the previous 10 generation
§ Be restricted to a one-day minimum and 180 day maximum between password changes
Only need the code and any configuration files to go along with it.