Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-17029

Wrong error message in case of repeated authentication failure

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Major
    • None
    • 11.10.3
    • Authentication
    • None
    • Unknown

    Description

      Reproduction step:

      • Try to login with an user (let's say Admin) 3 times with a wrong password
      • Leave the login page (back to home, or just open a new tab)
      • Try again to login from a clean login page (not one loaded after 3 failed attempts) with the right password

      Obtained result:

      • An error message will say that there's "invalid credentials" (see screenshot)

      Expected result:

      • I guess the error message should talk about a security issue? Not quite sure how we should present it.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. XWIKI-22397 Allow admins to check the list of users blocked by the security authentication mechanism

          • Major - Major loss of function.
          • Open

          Activity

            People

              Unassigned Unassigned
              surli Simon Urli
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: