-
Bug
-
Resolution: Fixed
-
Major
-
None
-
None
-
Local Exchange instance
Authentication method : Using authentication form password
-
4.8.0 M3, 4.8.0 M5
Use case :
1. The user authenticates to the intranet
2. The user changes his password (without closing the browser and the intranet page)
3. After the cache lifetime (Ex : 5 minutes) connexion try is done once per minute with wrong password
4. When the counter of fails reaches a threshold (Ex: 5 errors), the user account is blocked.
So as to avoïd user accounts to be blocked in that case, increasing caching connexion error duration to value equal to Cache lifetime duration set in config would be better.
Currently caching connexion error duration is set to 30s