In Alfresco 5.2 one of the ldap user is not able to login. He was able to login in the past. Also user can login to test environment using same ldap password. Can someone please suggest if there in anything changed in 5.2 Authentication method.
In Alfresco 5.2 one of the ldap user is not able to login. He was able to login in the past. Also user can login to test environment using same ldap password. Can someone please suggest if there in anything changed in 5.2 Authentication method.
There is no change to the login mechanism.
1. please check the error in Share.log
2. check if you can connect to LDAP using the the principal user name and password
3. check if LDAP is added to Directory Management in Admin Console
Hi:
No change in authentication method in 5.2, but some security helpers are activated by default for brute force attacks. So in some cases, if the user fails repeatly when login, the account may be temporaly disabled.
Mitigating brute force attack on user passwords | Alfresco Documentation
Other possibilities may be related with the expiration of the user account in the ldap, or the user is not included now in ldap sync query.
Regards.
--C.
I can see the below error in the log file.
2018-09-26 09:03:43,823 WARN [security.authentication.AuthenticationServiceImpl] [http-bio-8443-exec-5694] Brute force attack was detected for user: jc****
So. what should I do in this case.
I have changed the parameter authentication.protection.enabled to false and have restart the app. It solves the problem. Thank you, everyone.
I have changed the parameter authentication.protection.enabled to false and have restart the app. It solves the problem. Thank you, everyone.