After 3 attempts at authenticating in the WAMUI the user is not disabled

Article Id: 7578

Status: Published

Updated On: 14-02-2018 08:18

Legacy Id: TEC1304352

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

We have protected the WAM UI using Siteminder.

The document used for reference is under

https://support.ca.com/irj/portal/anonymous/kbtech?searchID=TEC569112&docid=569112&bypass=yes&fromscreen=kbresults

But after entering the password incorrectly 3 times - the WAM UI redirects the user to a error screen.

But it does not lock out the user: if the user tries with the correct password the user will be able to login again.

Cause:

When Administrative Authentication is configured for WAMUI, WAMUI creates a User Directory object along with Domain for protecting the WAMUI for performing authentication and authorization. WAMUI hides this User Directory object from displaying by verifying if description has * Please do not edit this - used by SM Auth domain * text. Hence we will not be able to apply password polices for his User Directory which is causing auditing issues.

Environment:

CA SSO 12.51 build 975

Resolution:

This issue is resolved in SiteMinder 12.51 CR05 and in 12.52SP1CR01

Release notes :

https://docops.ca.com/ca-single-sign-on/12-51/en/release-notes/cumulative-releases-for-12-51/defects-fixed-in-ca-siteminder-12-51-cr05#DefectsFixedinCASiteMinder12.51CR05-PolicyServer

https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/release-notes/cumulative-releases/defects-fixed-in-12-52-sp1-cr01#DefectsFixedin12.52SP1CR01-PolicyServer