[OPENAM-15122] Immediate Lockout after First Failed Attempt Instead of Third Attempt for Login1FA API - ForgeRock JIRA

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 6.5.0.2
Fix Version/s: None
Component/s: API descriptor, web services
Labels:
- EDISON
Environment:
RHEL 6.5

Target Version/s:

6.5.0.2

Support Ticket IDs:

Description

Bug description

Using the Login1FA API we are getting an immediate error wherein the User failed to login that account will be automatically locked.

So, instead of the default of 3 retries, at the first failed login attempt that user is immediately locked.

How to reproduce the issue

Using POSTMAN make a POST request using Login1FA supply the username and INCORRECT password of the user.
You should be able to see the Account being Locked.

Expected behaviour

After the first failed attempt the user will be able to try for the second and third attempt.

Current behaviour

After the first failed attempt the account of the user is being LOCKED.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

1FA_Logs_09242019.txt
10 kB
24/Jun/19 7:22 AM

Activity

People

Assignee:

Unassigned

Reporter:

Johnpel Quingua

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

24/Jun/19 7:46 AM

Updated:

01/Jul/19 11:39 AM