Join GitHub today
Prevent disabled user from logging in on reactive applications #7113
In servlet applications, if a user account is disabled, locked or expired, then the user is not permitted to log in.
The reactive applications should behave like the servlet application by default, and prevent disabled, locked or expired accounts from logging in.
This functionality is handled by the pre and post authentication checks in the