OIM 11g: XL.MaxPasswordResetAttempts System Property is Ignored when Trying to Change User Password in Self-service (Doc ID 1375869.1)

Last updated on NOVEMBER 03, 2016

Applies to:

Identity Manager - Version 11.1.1.5.0 and later
Information in this document applies to any platform.
**Checked for Relevance 20-Sep-2013**

Symptoms

Whatever the value set for the XL.MaxPasswordResetAttempts system property, when trying to change user password in self-service by providing an incorrect old password, user is still locked out after 5 attempts.

How to exhibit this problem :

1) Suppose XL.MaxPasswordResetAttempts system property has value 10
2) Login to OIM as any "normal" user.
3) Go to Profile->Security->Change Password.
4) Try to change password by providing wrong old password 5 times (each time, get "The password change operation failed while validating old password." popup)

User is locked when it tries to login again and an error message is displayed : "Invalid sign in."

The following traces show up in OIM log file :

<Nov 8, 2011 4:53:28 PM CET> <Error> <OIM Authenticator> <BEA-000000> <Authentication of user testuser1 failed because of invalid password>
<Nov 8, 2011 4:53:28 PM CET> <Notice> <Security> <BEA-090078> <User testuser1 in security realm myrealm has had 5 invalid login attempts, locking account for 30 minutes.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms