Account Lockout Notification is not Sent with Agile PLM Deployed in WebLogic

(Doc ID 1454942.1)

Last updated on DECEMBER 04, 2016

Applies to:

Oracle Agile PLM Framework - Version 9.2.2.4 and later
Information in this document applies to any platform.

Symptoms

When deployed in WebLogic, Agile PLM delegates the authentication to the WebLogic application. WebLogic will also handle the account lockout policy in this situation. WebLogic does not provide any sort of notification that an account has been locked out.


 The issue can be reproduced at will with the following steps.

  1. Enable User Lockout on WebLogic server and configure lockout settings as desired.
  2. Log into Agile Product Collaboration as an active user but with an invalid password.
  3. Repeat Step 2 until Lockout Threshold has been exceeded.
  4. Observe that WebLogic server does not send any sort of notification that Step 2 user has been locked out.
US medical device manufacturers require the lockout notification to comply with FDA 21CFR11.300(d).

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms