OAM 11g: When Incorrect Password Attempts Exceed DefaultRetryLimit, OAM Redirects to "Failure URL"
Last updated on SEPTEMBER 28, 2016
Applies to:Oracle Access Manager - Version 18.104.22.168.0 and later
Information in this document applies to any platform.
After login attempts with incorrect password exceeds DefaultRetryLimit configured in oam-config,xml, should OAM redirect to "Failure URL" configured in Protected Resource Policy or the "Password Service URL" in the Password Policy ?
- Authentication Protected Resource Policy is configured with "Failure URL".
- Protected Resource Policy is configured to use PasswordPolicyValidationScheme
- PasswordPolicyValidationScheme uses "Password Policy Validation Module" which invokes UserPasswordPolicyPlugin in UserPasswodStatus Step.
- Password Service URL is as "/oam/pages/pswd.jsp" (Default)
- oam-config.xml file has DefaultRetryLimit set to 5
- max attempts is password policy is set to 5 as well.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms