OpenSSO Not Enforcing DataStore Authentication Attempt Limits In a SITE Configuration
(Doc ID 2354093.1)
Last updated on MARCH 25, 2019
Applies to:Oracle OpenSSO - Version 8.0.2 and later
Information in this document applies to any platform.
Multiple failed login attempts do not trigger temporary account lockout in a multi-server OpenSSO 8.0U2P5 environment
VERSION: 8.0U2 P4 and P5
1) Multiple OpenSSO servers in a load balanced environment
2) Data store does not use the default “uid” attribute for user search , but use CN
3) Memory based lockout + persist to DataStore enabled
4) SDK caching enabled
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document