User is Able to Login Into POS, Back Office and Central Office Application Even After N+1 Unsuccessful Login Attempts (Doc ID 2251864.1)

Last updated on APRIL 06, 2017

Applies to:

Oracle Retail Back Office - Version 14.1 and later
Information in this document applies to any platform.

Symptoms

In Oracle Retail Point of Service (ORPOS) 14.1,  user is able to login into ORPOS, Back Office and Central Office applications even after N+1 unsuccessful login attempts.
As per password policy configurations user has to be locked after "N" unsuccessful login attempts in ORPOS, Back Office and Central Office applications.


Steps to reproduce the issue:

Prerequisite: set the locked out parameter in DataBase to 6 attempts.

  1. Open the ORPOS, Back Office, Central Office application;
  2. Try logging into the application for 6 times with wrong password;
  3. In 7th attempt enter the correct password and notice that the user is logged in the application;
  4. Open the application again;
  5. Try logging into the application for 7 times with wrong password;
  6. In 8th attempt enter the correct password and notice that the user is locked the following message appears when correct password is inserted:

    "Password Lockout Logout You have been logged out of Back Office because your password has expired or you have exceeded the number of login attempts allowed by your administrator.
    Your password must be reset before you can login. Inform your supervisor. Select Login to return to the login page of Back Office."

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms