I agree with david.

snowc sent the following on 9/5/2009 8:46 PM:
> Thanks BJ, I have commented out the code in LoginServices.java.
>
> Thinking a bit deeper about the admin screen behaviour - why would admin
> only want to temporarily disable an account for 5 minutes?
>
>
> BJ Freeman wrote:
>> you can recode the re-activation service so if there is no date it will
>> not re-activate.
>>
>>
>> snowc sent the following on 9/5/2009 7:53 PM:
>>> In MHO, while not permanently disabling accounts for failed logins may be
>>> desirable, this behaviour is not desirable for the admin interface. The
>>> default for the admin interface should be to permanently disable the
>>> account.
>>>
>>>
>>> David E Jones wrote:
>>>> The reason for this (which is configuration in the security.properties
>>>> file, BTW, and is documented in the production setup guide) is that
>>>> repeated login attempts usually cause an account to be disabled, but
>>>> people usually don't want permanent disabling because of the internal/
>>>> customer service headaches. Enabling after five minutes (and telling
>>>> the user that will happen) still makes brute-force password guessing
>>>> attacks pretty much impossible, but gives the user a way to get back
>>>> in without making a phone call.
>>>>
>>>> -David
>>>>
>>>>
>>>> On Jul 1, 2008, at 3:09 PM, Robert Volke wrote:
>>>>
>>>>> Wow, that did the trick. When I first saved the Enabled flag change
>>>>> to N, it automatically populated the disabled date, so I deleted
>>>>> this date and saved the change again. Now the disabled admin can no
>>>>> longer login. It looks like if you simply disable an account and
>>>>> leave the time stamp, it will automatically enable again in 5
>>>>> minutes. I'm not sure why it does this, and I didn't see a way to
>>>>> change the end date for the disable so I'm going to inform my users
>>>>> to use this work around.
>>>>>
>>>>> Thank you for all of the help,
>>>>> Robert Volke
>>>>>
>>>>>>>> Bilgin Ibryam <[email protected]> 7/1/2008 3:53:22 PM >>>
>>>>> Hi Robert,
>>>>>
>>>>> try to set the Enabled Flag to "N" WITHOUT Disabled Date Time.
>>>>>
>>>>> Bilgin
>>>>>
>>>>> ----------------------------------------------------------------
>>>>> This message was sent using IMP, the Internet Messaging Program.
>>>>>
>>>>>
>>>>
>> --
>> BJ Freeman
>> http://www.businessesnetwork.com/automation
>> http://bjfreeman.elance.com
>> http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro
>> Systems Integrator.
>>
>>
>>
>

--
BJ Freeman
http://www.businessesnetwork.com/automation
http://bjfreeman.elance.com
http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro
Systems Integrator.
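
The behaviour discussed in this thread, as an added example that is not part of the original messages and is not OFBiz code: a standalone model of a timed lockout where a disabled account with a timestamp re-enables after five minutes, while one disabled with no timestamp stays disabled. The class, field and method names are hypothetical, and the threshold of 3 failed logins is an assumption.

```java
import java.time.Duration;
import java.time.Instant;

// Added illustration: a standalone model, not OFBiz code. All names are hypothetical.
public class LockoutModel {
    static final int MAX_FAILED_LOGINS = 3;                       // assumed threshold
    static final Duration DISABLE_WINDOW = Duration.ofMinutes(5); // five minutes, as in the thread

    boolean enabled = true;
    Instant disabledDateTime;   // null means "no timestamp": never auto re-enable
    int failedLogins;

    // Failed password attempt: lock temporarily once the threshold is reached.
    void recordFailure(Instant now) {
        if (++failedLogins >= MAX_FAILED_LOGINS) {
            enabled = false;
            disabledDateTime = now;
        }
    }

    // Admin action: disabled with no timestamp, so the timed re-enable never applies.
    void adminDisable() {
        enabled = false;
        disabledDateTime = null;
    }

    // Login-time check: re-enable only a timestamped lock whose window has passed.
    boolean mayLogIn(Instant now) {
        if (!enabled && disabledDateTime != null
                && !now.isBefore(disabledDateTime.plus(DISABLE_WINDOW))) {
            enabled = true;
            disabledDateTime = null;
            failedLogins = 0;
        }
        return enabled;
    }

    public static void main(String[] args) {
        Instant t0 = Instant.parse("2009-09-05T20:00:00Z"); // constructed sample time
        LockoutModel user = new LockoutModel();
        for (int i = 0; i < MAX_FAILED_LOGINS; i++) user.recordFailure(t0);
        System.out.println("locked at t0+1min:   " + !user.mayLogIn(t0.plus(Duration.ofMinutes(1))));
        System.out.println("usable at t0+5min:   " + user.mayLogIn(t0.plus(DISABLE_WINDOW)));

        LockoutModel admin = new LockoutModel();
        admin.adminDisable();
        System.out.println("admin-disabled, +1d: " + !admin.mayLogIn(t0.plus(Duration.ofDays(1))));
    }
}
```

With these assumed values, password guessing against one account is bounded to 3 attempts per 5-minute window, while an admin-initiated disable stays in force until someone re-enables the account.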
