https://bz.apache.org/bugzilla/show_bug.cgi?id=63336
Mark Thomas <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- OS| |All Resolution|--- |WONTFIX Status|NEW |RESOLVED --- Comment #1 from Mark Thomas <[email protected]> --- This has been discussed previously and will not be implemented in Tomcat since informing an attacker that an account has been locked is a (minor) security vulnerability. Users are free to extend Tomcat to provide this functionality in their apps if they wish. Requests to modify Tomcat to make this sort of extension easier are likely to be looked on favourably - especially if patches are provided. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
