In Alfresco 5.2 one of the ldap user is not able to login. He was able to login in the past. Also user can login to test environment using same ldap password. Can someone please suggest if there in anything changed in 5.2 Authentication method.
Solved! Go to Solution.
I have changed the parameter authentication.protection.enabled to false and have restart the app. It solves the problem. Thank you, everyone.
There is no change to the login mechanism.
1. please check the error in Share.log
2. check if you can connect to LDAP using the the principal user name and password
3. check if LDAP is added to Directory Management in Admin Console
Hi:
No change in authentication method in 5.2, but some security helpers are activated by default for brute force attacks. So in some cases, if the user fails repeatly when login, the account may be temporaly disabled.
Mitigating brute force attack on user passwords | Alfresco Documentation
Other possibilities may be related with the expiration of the user account in the ldap, or the user is not included now in ldap sync query.
Regards.
--C.
I can see the below error in the log file.
2018-09-26 09:03:43,823 WARN [security.authentication.AuthenticationServiceImpl] [http-bio-8443-exec-5694] Brute force attack was detected for user: jc****
So. what should I do in this case.
Check this tutorial.
Mitigating brute force attack on user passwords | Alfresco Documentation
I have changed the parameter authentication.protection.enabled to false and have restart the app. It solves the problem. Thank you, everyone.
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.