[OGo-Developer] Re: Automatically Lock an Account on Failed Logins
Sebastian Reitenbach
developer@opengroupware.org
Sat, 29 Sep 2007 15:02:53 +0200
Hi,
developer@opengroupware.org wrote:
> Hi,
>
> developer@opengroupware.org wrote:
> > Hi,
> >
> > I moved this thread from the users to the developer list.
> > > > http://bugzilla.opengroupware.org/bugzilla/show_bug.cgi?id=1917
> > >
> > > > > > > It stores locked status in the isLocked attribute of
> > > > Person; "is_locked"
> > > > > > > in the "person" table. It looks like it tries to use the
> session
> > log
> > > > > > > to compute the failures.
> > > > > > ok, so when it is persistently locked via the is_locked column
in
> > the
> > > > > > database, then the Admin has to reenable the account via the
> WebUI.
> > > > That's
> > > > > > fine for me. thanks.
> > > > > Yep, would be a good feature.
> > > > I think so too, I hope I'll find some time to take a look at the
> source
> > to
> > > > figure out what is going wrong there.
> >
> > After some fiddling around with gdb, I changed the return value of the
> > method canNestTransactions in sope's PostgreSQL72Context.m from NO to
YES,
> > see below, then everything was working fine. The account got locked when
> > trying too many times to login with the wrong password ;)
> >
> > - (BOOL)canNestTransactions {
> > return YES;
> > }
> >
> > This is called from sope EOAdaptorContext.m, which is called from
> > OGoContextManager.m
> >
> > AFAIK the nested transaction got introduced in postgres 8.0, and 7.X is
> also
> > long time not supported anymore, so I doubt that it wouldn't harm to
just
> > make that little change to sope's PostgreSQL72Context.m.
> >
> > any thoughts on this?
>
> I just recognized, Helge found a different solution to the problem, will
try
> out that too.
>
I tested Helge's version, works well too. I closed that bug report.
Thanks
Sebastian