OpenSSO: AuthLoginException Message not Meaningful when Authenticating User is Locked
Last updated on SEPTEMBER 21, 2016
Applies to:Oracle OpenSSO - Version: 6.3 to 8.0 - Release: 6.0 to 8.0
Information in this document applies to any platform.
Directory server lockouts are configured for users after X unsuccessful login attempts.
When you, an OpenSSO user, get locked out of the directory server (or "DS") after having unsuccessfully attempted to log into OpenSSO X times,
the DS throws a constraint violation error when OpenSSO tries to bind to the DS using your credentials.
OpenSSO logs this constraint violation as a general authentication failure in AuthLoginException and displays an incorrect error message to you.
The incorrect error message you will see is, "Authentication Failed".
You would like OpenSSO to log a more meaningful error,
such as a "This user is not active" message,
when a user is locked out of the directory server after a sequence of failed
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms