|Applies To||RSA ClearTrust 5.5.2 Runtime Java API|
|Issue||RSA ClearTrust Runtime Java API failed authentication does not increment failed login count (ctscFailedLoginCount)|
When a failed login attempt occurs via RSA ClearTrust Runtime API, the count for the number of failed logins does not get incremented
|Cause||A ClearTrust system will not increment the number of failed login attempts that a user has unless the default password policy is changed to set a maximum number of password attempts. This is true for all types of logins and not restricted to the runtime API.|
|Resolution||To correct this issue, either update the default password policy or configure a new policy that sets a maximum number of attempts for password retries. This can be done by using the following steps (from the main Administration GUI): |
These specific steps should be modified to set the desired options for the lockout, as can be seen, it is possible to have a variety of settings around the lockout that can be tailored to meet your specific requirements.
|Legacy Article ID||a24036|