Hi, I noticed that the comments and metatype data in http://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/healthcheck/support/src/main/java/org/apache/sling/hc/support/impl/DefaultLoginsHealthCheck.java all say that this tests that the referenced accounts are "disabled" in a production system.
But AFAICT, this isn't actually the case. This test checks that a set of credentials doesn't work. The test could fail because the account is disabled OR because the password is incorrect - this check doesn't differentiate cause. I'm happy to correct this, but could someone let me know the true intention? Is this check supposed to verify that accounts are disabled or simply that the credentials can't be used to log in? My sense is the latter, but I'd love confirmation. Thanks, Justin
