Support Article

Pega Exception when user logins with incorrect password

SA-30930

Summary



Pega throws up an exception page when user tries to login with an incorrect password more than three times. This is the case when there is no change in the Authentication or timeout activities. Pega should not throw an exception page in this case but display some message to user.

User added a custom authentication activity and this activity is successful even when the incorrect password limit is exceeded. The code fails after this activity is complete, possibly in the web-login page. The timeout activity is not invoked and the value of "pyWasTimedOut" is false also when the error occurred.


Error Messages



There has been an issue; please consult your system administrator.

Steps to Reproduce



Log into Pega with incorrect password for more than three times.

Root Cause



A defect in Pegasystems' code or rules

Resolution

  1. Add the DSS setting given below to increase the number of login Attempts.
    • Owning Ruleset: Pega-Engine
    • Setting Purpose: authentication/maxLoginAttemptsCount
  2. Apply HFix-30497.

Published November 30, 2016 - Updated January 16, 2017

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.