Account lockout after failed attempts
-------------------------------------
Key: DOCU-148
URL: http://jira.magnolia-cms.com/browse/DOCU-148
Project: Documentation
Issue Type: Task
Security Level: Public
Reporter: Antti Hietala
Assignee: Ruth Stocks
[MAGNOLIA-3557] is a new security feature that locks an account out after a
number of failed login attempts. This feature is available starting with
Magnolia 4.4.3 and needs to be documented.
The feature is configurable in {{/server/security/userManagers}} and works for
SystemUserManager and MgnlUserManager classes. Maximum number of attempts that
triggers a lockout is 5 by default. Value 0 disables the function. Lockout is
implemented by setting the {{user.enabled}} property to {{false}}. A lock can
be removed by an administrator by enabling the user again in the user edit
dialog (checkbox)
Document in:
* [http://documentation.magnolia-cms.com/administration/security/users.html]
* [http://documentation.magnolia-cms.com/usermanual4/gettingstarted.html]
* [http://documentation.magnolia-cms.com/technical-guide/security.html]. Edit
[source in Google
Docs|https://docs.google.com/Doc?docid=0AbdnFchPQx8cZGdkeHQzM3FfMzMzdDVwOGNnZjM&hl=en].
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details see
http://www.magnolia-cms.com/home/community/mailing-lists.html
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
