[Koha-bugs] [Bug 20040] New: FailedLoginAttempts syspref will lock out users so that they cannot log in unless the syspref is cleared
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Jan 19 00:57:29 CET 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20040
Bug ID: 20040
Summary: FailedLoginAttempts syspref will lock out users so
that they cannot log in unless the syspref is cleared
Change sponsored?: ---
Product: Koha
Version: 17.05
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: barton at bywatersolutions.com
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
I think that the FailedLoginAttempts system preference is only meant to be set
ifNorwegianPatronDBEnable is set to 'Enable'; my testing is all done with
ifNorwegianPatronDBEnable set to 'Disable'.
What's happening:
Setting FailedLoginAttempts, then logging in with incorrect credentials will
lock the account. The login screen says that the account is locked, and no
further attempts to log in will work.
It is entirely unclear how to unlock the account -- resetting the password does
not work, and the lock is not set via borrower debarments, so it can't be
disabled there.
The only way I was able to re-enable logins for a locked patron was to blank
out FailedLoginAttempts.
If this is only meant to be used in conjunction with ifNorwegianPatronDBEnable,
it shouldn't be settable unless that is enabled.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list