WildFly / WFLY-21474

Follow-up on [WFLY-20765] [CVE-2025-23368] Documentation for the new WildFly Elytron Brute Force Protection implementation.


    • Type: Feature Request
    • Resolution: Unresolved
    • Priority: Major
    • 40.0.0.Beta1
    • 39.0.1.Final
    • Components: Documentation, Security

      Comments raised but not addressed on https://github.com/wildfly/wildfly/pull/19582

      1. Ondra's suggestion about aggregate-realm

      Ondrej suggested adding a note about aggregate-realm to the NOTE section that mentions caching-realm, distributed-realm, and failover-realm:

      I suggest also adding a note about the aggregate-realm:

      "The brute force protection is not applied directly to the aggregate-realm as this maintains a 1:1 mapping to an authentication-realm which will have its own brute force protection applied."

      The current diff does not include any mention of aggregate-realm. This suggestion remains unaddressed.

      Comments noted for future work

      Brian made several suggestions explicitly marked as "not for now" / "for the future":

      1. Reconsider the 'session' terminology in a future version of the management API; 'tracking-timeout' or 'tracker-timeout' is suggested instead.
      2. Consider 'identities' instead of 'sessions' in the name of the max-cached-sessions parameter in a future version of the API.

              Darran Lofthouse (darran.lofthouse@redhat.com)
              Radoslav Husar (rhn-engineering-rhusar)