Support Article
Custom Authentication - increase max login attempts
SA-25434
Summary
User has setup a custom sign-on for their application. The entered values are validated in the system in the login process. They have customized login form & authentication activity and both are referenced from Authentication Service. When the end user tries to enter the login credentials and enters them incorrect three times they gets the below error on screen -
Status fail
Message Authentication Failed.
Operator ID Unauthenticated or not available
Requestor ID none
Timestamp Fri Jul 01 09:45:05 MST 2016
Engine Version PegaRULES 7.10 ML7 (coreAssemblyCached_717_644)
Need a mechanism to continuously show the same login form to the end user or else show a user friendly message, asking them to close the browser session and retry in a new window.
Error Messages
Status fail
Message Authentication Failed.
Operator ID Unauthenticated or not available
Requestor ID none
Timestamp Fri Jul 01 09:45:05 MST 2016
Engine Version PegaRULES 7.10 ML7 (coreAssemblyCached_717_644)
Steps to Reproduce
- Use a customized login form and an authentication service.
- Keeping the authentication activity OOTB.
- Now, try to login with invalid credentials three times.
- System will give error message on screen, which can't be understood by the user.
Root Cause
When using the PRCustom authentication type the max login attempts can be controlled by a Dynamic System setting. The default max login attempts is 3.
Resolution
You can add this following Dynamic System Setting and adjust to a higher number to meet your needs.Ruleset: Pega-Engine
Setting: authentication/maxLoginAttemptsCount
Value: integer > 0
Published July 10, 2016 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.