000021635 - RSA ClearTrust Runtime Java API failed authentication does not increment failed login count (ctscFailedLoginCount)

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021635
Applies ToRSA ClearTrust 5.5.2 Runtime Java API
IssueRSA ClearTrust Runtime Java API failed authentication does not increment failed login count (ctscFailedLoginCount)
When a failed login attempt occurs via RSA ClearTrust Runtime API, the count for the number of failed logins does not get incremented
CauseA ClearTrust system will not increment the number of failed login attempts that a user has unless the default password policy is changed to set a maximum number of password attempts. This is true for all types of logins and not restricted to the runtime API.
ResolutionTo correct this issue, either update the default password policy or configure a new policy that sets a maximum number of attempts for password retries. This can be done by using the following steps (from the main Administration GUI):
  1. Select Delegate Administration
  2. Select Manage Existing
  3. Click Edit next to Default Password Policy
  4. Now, look at the bottom of the form under Policy Lockout and toggle the radio button to Lock out a user after...
  5. Click Update

These specific steps should be modified to set the desired options for the lockout, as can be seen, it is possible to have a variety of settings around the lockout that can be tailored to meet your specific requirements.

Legacy Article IDa24036

Attachments

    Outcomes