Implementing Account Lockout Feature in Vaadin Application


I’m currently developing a Vaadin application and I need some help with the authentication process. Specifically, I want to implement a feature that locks out a user after a certain number of incorrect password attempts.

Here’s what I have in mind: When a user tries to log in, we’ll check if their password is correct. If it’s incorrect, we’ll increment a counter associated with their account. If the counter reaches a certain number (say, 3 incorrect attempts), we’ll then block the user’s account.

I understand that this feature should be implemented at the security layer of the application, but I’m not sure how to modify the Vaadin security configuration to do this. Could anyone guide me on how to achieve this? Any code examples or documentation references would be greatly appreciated.

Thank you in advance for your help!
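
The counter-and-lock logic described in the question, as an added example that is not part of the original post. It assumes the Vaadin application authenticates through Spring Security on Spring Boot, which publishes authentication events; `LoginAttemptTracker`, the in-memory map and the 15-minute lock window are hypothetical choices for illustration, and only the threshold of 3 comes from the post.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;

import org.springframework.context.event.EventListener;
import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent;
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
import org.springframework.stereotype.Component;

// Hypothetical helper (not Vaadin or Spring API): counts failed logins per username.
@Component
public class LoginAttemptTracker {

    private static final int MAX_FAILURES = 3;                         // threshold from the post
    private static final Duration LOCK_TIME = Duration.ofMinutes(15);  // assumption: timed lock

    // Java 16+ record; lockedUntil is null while the account is not locked.
    private record Attempts(int failures, Instant lockedUntil) {}

    // Assumption: in-memory state. A production system would persist this with the
    // user record so it survives restarts and is shared across nodes.
    private final ConcurrentMap<String, Attempts> attempts = new ConcurrentHashMap<>();

    // Fired by Spring Security when the password check fails.
    @EventListener
    public void onBadCredentials(AuthenticationFailureBadCredentialsEvent event) {
        String username = event.getAuthentication().getName();
        Instant now = Instant.now();
        attempts.compute(username, (key, old) -> {
            // Start a fresh count once an earlier lock has expired.
            boolean expired = old != null && old.lockedUntil() != null
                    && now.isAfter(old.lockedUntil());
            int failures = (old == null || expired ? 0 : old.failures()) + 1;
            Instant until = failures >= MAX_FAILURES ? now.plus(LOCK_TIME) : null;
            return new Attempts(failures, until);
        });
    }

    // A successful login clears the counter.
    @EventListener
    public void onSuccess(AuthenticationSuccessEvent event) {
        attempts.remove(event.getAuthentication().getName());
    }

    // True while the lock window is still open for this username.
    public boolean isLocked(String username) {
        Attempts a = attempts.get(username);
        return a != null && a.lockedUntil() != null && Instant.now().isBefore(a.lockedUntil());
    }
}
```

To enforce the lock, the application's `UserDetailsService` can pass `isLocked(username)` to `User.withUsername(...).accountLocked(...)`, so Spring Security rejects the login with a `LockedException` before the password is checked.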