Failed login count with Pega 7.2.1
SummaryWhen user uses the external authentication, the security policies does not get applied but user has requirement to filter client IP address, so they use PRCustom and created authentication activity.
On the activity they created password check and it acted correctly.
But the security policy does not work, they set "Failed login attempts before employing authentication lockout penalty" as "3", and when entered wrong password more than three times, nothing happens.
Error MessagesNot Applicable
Steps to ReproduceNot Applicable
Root CauseSecurity policies are not applied when custom authentication is used.
ResolutionPerform the following local-change:
For PRCustom authentication "authentication lockout penalty mechanism" can be enabled and is applicable only when "Use SSL" is enabled.
This can be enabled in the custom tab of Authentication Service rule.
Published April 13, 2017 - Updated May 2, 2017