I've an issue/prob;em with the below code on the methods of IUserAccount class API:
As per the IUserAccount class,
- checkPassword() method will return a boolean value
- checkPasswordExtended() method will return int value comparable with ILoginConstants constants against the returned code
Both method works fine, when the user passes the correct password, but on the even of the wrong password passed by the users > and either of the method is called > it increaments the getFailedLogonAttempts() value by one
IS THIS THE DEFAULT BEHAVIOR IS EXPECTED FROM THESE METHODS??? OR ARE THERE ANY OTHER ALTERNATIVES TO CHECK THE PASSWORD ENTERED BY USER?
Problem: I've a customized login page for 7.3 > I use one of these methods to checkPassword and show error mesgs >
1. and on the event of first wrong password entered by user > instead of getFailedLogonAttempts() to return '1', it returns '3' .. and this a puzzle from where the other 2 authenications are taking place???
2. if the user entered second time wrong passwd > the getFailedLogonAttempts() to return '6' and locks the user (as 6 is max)