Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-15122

Immediate Lockout after First Failed Attempt Instead of Third Attempt for Login1FA API

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 6.5.0.2
    • Fix Version/s: None
    • Labels:
    • Environment:
      RHEL 6.5
    • Target Version/s:
    • Rank:
      1|hzyj87:
    • Support Ticket IDs:

      Description

      Bug description

      Using the Login1FA API we are getting an immediate error wherein the User failed to login that account will be automatically locked. 

      So, instead of the default of 3 retries, at the first failed login attempt that user is immediately locked.

      How to reproduce the issue

      1. Using POSTMAN make a POST request using Login1FA supply the username and INCORRECT password of the user.
      2. You should be able to see the Account being Locked.
      Expected behaviour
      After the first failed attempt the user will be able to try for the second and third attempt.
      Current behaviour
      After the first failed attempt the account of the user is being LOCKED.
      
      

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            jquingua Johnpel Quingua
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: