Pega Exception when user logins with incorrect password
SummaryPega throws up an exception page when user tries to login with an incorrect password more than three times. This is the case when there is no change in the Authentication or timeout activities. Pega should not throw an exception page in this case but display some message to user.
User added a custom authentication activity and this activity is successful even when the incorrect password limit is exceeded. The code fails after this activity is complete, possibly in the web-login page. The timeout activity is not invoked and the value of "pyWasTimedOut" is false also when the error occurred.
Error MessagesThere has been an issue; please consult your system administrator.
Steps to ReproduceLog into Pega with incorrect password for more than three times.
Root CauseA defect in Pegasystems' code or rules
- Add the DSS setting given below to increase the number of login Attempts.
- Owning Ruleset: Pega-Engine
- Setting Purpose: authentication/maxLoginAttemptsCount
- Apply HFix-30497.
Published November 30, 2016 - Updated January 16, 2017