Account Locking and Validity Attributes

Attribute Name (Examples)

Usage

Type

Ldap Connector

Ldap Token

List Persister

Ldap Pwd Self Service

Token Persister

isLocked

Flag telling whether the user is locked or not. Locked user cannot log in.

Boolean

O

lockDate

Date and time when the user was locked the last time. May be empty.

Timestamp

O

lockReason

Reason why the user is locked. May be empty. May be empty.

String

O

valid

Flag telling whether the user account is valid. Invalid accounts cannot be used for authentication. Defaults to true.

Boolean

O

notValidBefore

Date and time before which the user account is considered to be invalid. Invalid accounts cannot be used for authentication. Defaults to true.

Timestamp

O

notValidAfter

Date and time after which the user account is considered to be invalid. Invalid accounts cannot be used for authentication. Defaults to true.

Timestamp

O

failedLogins

Counts the number of failed login attempts since the latest successful login.

Integer

O

failedTokenCounts

Counts the number of failed attempts on authentication tokens

String

O for JSP-Loginapp

R for the Loginapp REST API/UI

failedLoginsBeforeLatestSuccessfulLogin

Counts the number of failed login attempts reached before the latest successful login.

Integer

O

failedStepupAttempts

Counts the number of failed Step-Up attempts. 

Integer

R

= required by plugin

O

= may be used by plugin