Bad Password Count Cached in 18.104.22.168.0
(Doc ID 1544532.1)
Last updated on AUGUST 19, 2019
Applies to:Oracle WebCenter Portal - Version 22.214.171.124.0 to 126.96.36.199.0 [Release 11g]
Information in this document applies to any platform.
Active Directory (AD) bad password count is used to verify if a user is locked out (due to too many incorrect password entries) but it seems to be cached as the count stays at zero even when AD shows a higher number.
The code used is the following:
* Extracts the bad password count from AD.
* @param username - the username for which the bad password count is to be extracted.
public static String extractBadPasswordCount(String username)
return (String) UserMgmtUtil.extractUserPropertyFromAD(UserMgmtUtil.BAD_PASSWORD_COUNT_FIELD, username).get(0);
* Extracts a property from AD.
* @param property - the property to be extracted.
* @param username - the username for which the property should be extracted.
public static List extractUserPropertyFromAD(String property, String username)
_logger.entering("extractUserPropertyFromAD", "property: " + property + "; username: " + username);
// Get the user profile object
userProfile = getUserProfileFromAD(username);
userProperty = userProfile.getProperty(property).getValues();
private static UserProfile getUserProfileFromAD(String username)
final User user = WCSecurityUtility.getUserFromUserName(username);
if (user != null)
userProfile = user.getUserProfile();
throw new IMException("No user found in AD!!!");
catch (IMException e)
_logger.severe("Couldn't find user in AD for username " + username, e);
Is there a way to bypass this cache to make sure that the AD bad password count retrieved is always up-to-date?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document