search cancel

SMUSRMSG does not have account locked message


Article ID: 199690


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER



We're running a Web Agent, and when user tries over the max of 4 login
attempt (Authreason=24), the SMUSRMSG cookies keeps returning :

  "Invalid credential. Please retry.."

How can we have a more specific message here as "Max login attempts
reached ..." ?




At first glance, the behavior is the one you see out of the box. The
SMUSRMSG cookie will be produced on the following 2 use cases only :

  Introduction to SMUSRMSG Cookie

    I. User Password is expired. The cookie contains reason indicating
       why cookie expired.

    II. During Force Password change flow when the new password doesn't
        meet the password complexity requirement. The cookie contains
        reason that explains why the new password failed to be set against
        the password policy.

and from documentation :

  How Response Attributes Work with Web Agents

So in order to get the specific message you need, you have to
implement SmAuthenticationContext.setUserText() API in the Custom
Authentication Scheme.