OpenSSO Not Enforcing DataStore Authentication Attempt Limits In a SITE Configuration

(Doc ID 2354093.1)

Last updated on MARCH 02, 2018

Applies to:

Oracle OpenSSO - Version 8.0.2 and later
Information in this document applies to any platform.

Symptoms

Multiple failed login attempts do not trigger temporary account lockout in a multi-server OpenSSO 8.0U2P5 environment

VERSION: 8.0U2 P4 and P5

1) Multiple OpenSSO  servers in a load balanced environment
2) Data store does not use the default “uid” attribute for user search , but use CN
3) Memory based lockout + persist to DataStore enabled
4) SDK caching enabled


Changes

None

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms