Support Article
Failed login count with Pega 7.2.1
SA-36456
Summary
When user uses the external authentication, the security policies does not get applied but user has requirement to filter client IP address, so they use PRCustom and created authentication activity.
On the activity they created password check and it acted correctly.
But the security policy does not work, they set "Failed login attempts before employing authentication lockout penalty" as "3", and when entered wrong password more than three times, nothing happens.
Error Messages
Not Applicable
Steps to Reproduce
Not Applicable
Root Cause
Security policies are not applied when custom authentication is used.
Resolution
Perform the following local-change:
For PRCustom authentication "authentication lockout penalty mechanism" can be enabled and is applicable only when "Use SSL" is enabled.
This can be enabled in the custom tab of Authentication Service rule.
Published May 2, 2017 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.