Prev
Next
Forums User Experience Lawson Portal

LSF9 Portal max failed login attempts puts error text dump all over web page

 5 Replies
 0 Subscribed to this topic
 13 Subscribed to this forum
Sort:
Author
Messages
jeremy.zerr
Advanced Member
Posts: 23
Advanced Member
7/6/2009 9:05 PM
    With our move to LSF9 Portal and the SSO system, we now have the problem that when a user reaches the max number of failed login attempts, we get a pageful of a big servlet error dump.

    No page that says something nice like, "you exceeded the max number of failed login attempts, please call the help desk to reset your password".

    Its about 3 pagefuls of error text starting like this:
    com.lawson.lawsec.authen.SecurityAuthenException:Got exception while binding for oneOfOurLawsonUsers in LDAP.

    This is not considered a bug by Lawson, so we will have to address this ourselves.

    So my question is, does anyone out there know how to customize that error screen?  I can't seem to find what file it is or anything, so any info you have will be useful.  We also don't host our own server, so it makes it impossible for me to just poke around until I find it like I normally would do.

    Any help will be much appreciated.

    Thanks, Jeremy
    Paxson Kabala
    Basic Member
    Posts: 4
    Basic Member
    12/1/2009 2:54 PM

      Hi Jeremy.  We just upgraded to LSF9 and are experiencing the same issue.  Did you get any assistance with this that you can share?

      Much appreciated...

      Paxson

      Annie Lu
      New Member
      Posts: 1
      New Member
      2/19/2010 3:22 PM
        Hi Jeremy/Paxson,

        Did you get any response about this issue. We are experiencing the same thing.
        Thanks for the help.
        Annie
        Joe O'Toole
        Veteran Member
        Posts: 314
        Veteran Member
        2/19/2010 5:00 PM
          We had a similar issue when our network admins were doing maintenance on the DC and AD but it was intermittent. Are these local or remote / low bandwidth users? Does your network admin have auto unlock set or do you leave accounts locked indefinitly? Could it be possible that LSF is not getting timely enough response from AD or the account satus is out of date?
          jeremy.zerr
          Advanced Member
          Posts: 23
          Advanced Member
          2/19/2010 5:21 PM
            We're on 8.0.3 apps, Lawson has said that this problem is fixed in version 9 of apps, which is why they won't do anything about it. We have our servers hosted, so we don't have a lot of control about what is going on with the server either. It happens to everyone when they exceed their max login attempts.

            I've designed a client-side method to work around it, but haven't implemented it yet because it is pretty invasive with code in login.js and portal.js, basic premise is to attempt to track the number of failed login attempts client side using a cookie, popup warning messages when people are approaching the max login attempt fails, and prevent them exceeding the max by preventing the next post to the server and handling it client side with an alert box to call a help desk to reset password along with code that prevents the form from being submitted that would cause the jumbled mess of an error to show. Its definitely not failproof, but still a lot better than what we are dealing with now.

            Jeremy
            Carlotta McCormick
            Basic Member
            Posts: 7
            Basic Member
            2/19/2010 5:55 PM
              Jeremy: We're hosted, and on 9.0 environment and apps, and we still have this issue. I understand this is an issue with LDAP and not lawson directly. We don't have a fix for it--we just have users contact the helpdesk, and gave them the rights to reset LDAP passwords.