7 Replies Latest reply on Nov 16, 2012 9:46 AM by ColinPurdon-Oracle

    OAM error messages: How to set max authn_try_count?

      OAM 11g gives a set of External error codes (OAM-1 through OAM-7) which deal with use cases such as Invalid User ID, User account locked, User Account Disabled, Invalid credentials etc.
      However, when a user attempts to log in, OAM allows a fixed number of attempts before throwing these errors. This is tracked by a request parameter: authn_try_count. The default number of attempts is 5. Until the 5th attempt, OAM just throws a generic OAM-1 error code which throws a generic message: "An incorrect Username or Password was specified".

      This causes a usability issue. It doesn't make much sense to ask the user to enter the credentials 5 times to let him know that his account was locked in the first place.
      Is there a way to set this threshold to 0, so that users can see the error messages in the first invalid attempt itself?

      Or, is it possible to propagate the underlying LDAP error messages to the external login page itself, so that in case of a Locked account scenario, the user can be given a relevant error message in the first attempt itself and may be subsequently redirected to an appropriate page?