Authentication security module disable account [Since XWiki 11.6 RC1]
Last modified by Ilie Andriuta on 2022/05/03 09:28
Steps to reproduce
- Login as Admin
- Go to Administer Wiki > Users & Rights > Authentication
- On 'Failure Strategies' select 'Disable account'
- On 'Maximum number of authorized attempts' set 4 and 'Save'
- Create an user (e.g. U1)
- Logout
- Click on Drawer > Log-in
- Fill the user's name (U1) and a wrong password
- Click Log-in
- Repeat Steps 7 and 8 three times more
- Login as Admim
- Go to user's (U1) profile page and enable its account
- Logout
- Fill in the username and correct password for the user
- Click Log-in
Expected results
- The failure strategy is triggered whenever there are a number of failed attempts (according to the setting) in a given time window (default 300 s).
- When the max number of authorized attempts is reached, the account is disabled and the following message is displayed: 'Error: This account has been disabled. Please ask the administrator to enable it back.'
- The user can login successfully after its account was enabled by Admin.
Results
| per page of Previous Page Next Page Page | |||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||
| Previous Page Next Page Page | |||||||||||||||||||||||||||||||||