Issue
When trying to log in Semarchy xDM, a user may encounter a "Too many failed login attempts" message, preventing access to the system.
Cause
This message is triggered when the number of failed login attempts from an IP address exceeds the limit (the default is 5 attempts), thereby locking access from that address for 24 hours.
Solution
On-premise install
1- To resolve the issue of being locked out due to too many failed login attempts, restart Tomcat.
Restarting the Tomcat server can reset the failed login attempts count, allowing immediate access.
2- To prevent this issue from occurring in the future, configure the system to allow a greater number of failed login attempts or disable this feature entirely. You can modify the behavior using the following parameters:
- Disable the max login attempts feature by setting (Version 2024.1.2+):
-Dxdm.idm.maxloginattempts.enable=false- Or, customize the maximum number of failed attempts by setting:
-Dxdm.idm.maxloginattempts=_integer_The maximum value is 2147483647.
By configuring the appropriate parameters, you can manage how many failed login attempts are permissible and avoid being locked out in the future. Restarting Tomcat, meanwhile, offers an immediate resolution to the lockout.
AWS install
SSH to your AWS Marketplace QuickStart VM and run the following commands:
ubuntu@ip-XX-XX-XX-XX:~$ cd /etc/xdm ubuntu@ip-XX-XX-XX-XX:/etc/xdm$ ls -la total 20 drwxrwxr-x 2 root root 4096 Oct 3 14:29 . drwxr-xr-x 105 root root 4096 Oct 3 15:05 .. -rw-r--r-- 1 root tomcat 798 Oct 3 14:29 config.properties -rw-r--r-- 1 root root 950 Apr 4 2024 grant-privileges.sql -rw-r--r-- 1 root tomcat 427 Oct 3 14:29 local.keystore ubuntu@ip-XX-XX-XX-XX:/etc/xdm$ sudo vi config.properties
Add the following line at the end of the file:
xdm.idm.maxloginattempts.enable=false
Save the file and restart Tomcat:
ubuntu@ip-XX-XX-XX-XX:/etc/xdm$ sudo service tomcat9 stop ubuntu@ip-XX-XX-XX-XX:/etc/xdm$ sudo service tomcat9 start