After 3 attempts at authenticating in the WAMUI the user is not disabled

Document ID : KB000007578
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

We have protected the WAM UI using Siteminder.

The document used for reference is under

https://support.ca.com/irj/portal/anonymous/kbtech?searchID=TEC569112&docid=569112&bypass=yes&fromscreen=kbresults 

But after entering the password incorrectly 3 times - the WAM UI redirects the user to a error screen.

But it does not lock out the user: if the user tries with the correct password the user will be able to login again.

Environment:
CA SSO 12.51 build 975
Cause:

When Administrative Authentication is configured for WAMUI, WAMUI creates a User Directory object along with Domain for protecting the WAMUI for performing authentication and authorization. WAMUI hides this User Directory object from displaying by verifying if description has * Please do not edit this - used by SM Auth domain * text. Hence we will not be able to apply password polices for his User Directory which is causing auditing issues.

Resolution:

This issue is resolved in SiteMinder 12.51 CR05 and in 12.52SP1CR01

Release notes :

https://docops.ca.com/ca-single-sign-on/12-51/en/release-notes/cumulative-releases-for-12-51/defects-fixed-in-ca-siteminder-12-51-cr05#DefectsFixedinCASiteMinder12.51CR05-PolicyServer

 

https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/release-notes/cumulative-releases/defects-fixed-in-12-52-sp1-cr01#DefectsFixedin12.52SP1CR01-PolicyServer