OAM 11g: When Incorrect Password Attempts Exceed DefaultRetryLimit, OAM Redirects to "Failure URL"
(Doc ID 1571525.1)
Last updated on OCTOBER 10, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.0.0 and laterInformation in this document applies to any platform.
Goal
After login attempts with incorrect password exceeds DefaultRetryLimit configured in oam-config,xml, should OAM redirect to "Failure URL" configured in Protected Resource Policy or the "Password Service URL" in the Password Policy ?
Setup
- Authentication Protected Resource Policy is configured with "Failure URL".
- Protected Resource Policy is configured to use PasswordPolicyValidationScheme
- PasswordPolicyValidationScheme uses "Password Policy Validation Module" which invokes UserPasswordPolicyPlugin in UserPasswodStatus Step.
- Password Service URL is as "/oam/pages/pswd.jsp" (Default)
- oam-config.xml file has DefaultRetryLimit set to 5
- max attempts is password policy is set to 5 as well.
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |