[OFBiz] Users - Unable to change password

Alexander Heiss aheiss at prosodiemail.com
Tue Aug 3 15:24:43 EDT 2004 

Ian, others,

The max.failed.logins setting in the security component config directory
allows you to set the amount of unsuccessful attempts before an account is
locked.  Lockout times and other helpful security settings can also be found
in this file.

We've also had similar reports of users unable to login, but after a little
digging, we found that they were simply using the wrong username/password :O

Hope this helps,
-Alex


> -----Original Message-----
> From: Ian Gilbert [mailto:ian at ethicalshopper.co.uk]
> Sent: Tuesday, August 03, 2004 1:52 PM
> To: users at ofbiz.dev.java.net
> Subject: Re: [OFBiz] Users - Unable to change password
>
>
> I have also had some reports of people being locked out of their accounts.
>  I haven't had time to investigate yet and it doesn't seem to be too
> widespread.  Is there a 'lockout after x unsuccessful tries' option that
> might be checked?
>
> Ian
>
> > I'm not sure if I completely understand your problem. Are you setting
> > these accounts as disabled? When changing the user's password, it
> > should not change the enabled status unless you modify it. So, if you
> > are adding these users in as disabled, you will need to manually enable
> > them when you change the password.
> >
> > -Z
> >
> > On Aug 3, 2004, at 1:06 PM, Sean Yee wrote:
> >
> >>
> >> Hi!
> >>
> >> I have generated some passwords for users of my webapp.  I load them
> >> into ofbiz by using the meta-data files (Security.xml, etc...).
> >>
> >>  I wish to have each user login and be able to change their own
> >> password.  I am able to change the password successfully, but the user
> >> is disabled right away because of other unwanted field values (Enabled
> >> = N, DisabledDateTime = SYSDATE, etc..).
> >>
> >> I know that this is the result of the invocation of
> >> LoginServices.userLogin(), but I do not want to modify this method
> >> because it is also used by other webapps (webtools, partymgr, etc..).
> >>
> >>  Is it possible to just have the "currentPassword" updated in the
> >> UserLogin entity?
> >>
> >> Sean
> >>  ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe at ofbiz.dev.java.net For
> >> additional commands, e-mail: users-help at ofbiz.dev.java.net
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe at ofbiz.dev.java.net
> For additional commands, e-mail: users-help at ofbiz.dev.java.net


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe at ofbiz.dev.java.net
For additional commands, e-mail: users-help at ofbiz.dev.java.net

More information about the Users mailing list