last access date is updated also after a login failure
------------------------------------------------------
Key: MAGNOLIA-2917
URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-2917
Project: Magnolia
Issue Type: Bug
Components: core
Affects Versions: 4.2-m1, 4.1.1, 4.0.3
Reporter: Fabrizio Giustina
Assignee: Fabrizio Giustina
Priority: Minor
Fix For: 4.2
The "last access date" information for users (available under the tools menu in
admin central) is updated not only when the user logs in, but also for any
failed login.
If you try logging in with superuser/wrongpassword you will see the last access
date for superuser updated.
The setLastAccess() call is actually in MgnlUserManager, before the password
validation. It should be moved to JCRAuthenticationModule after a successful
authentication.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details see
http://www.magnolia-cms.com/home/community/mailing-lists.html
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
