When a global user logs into the grid and is authenticated by the global directory service, CA AppLogic® stores a one-way hash of that user’s password. This allows the same user to log in to the grid in case the global directory service is temporarily unavailable. The cached information is valid for a span of time configured using BFC when the global directory service is configured.
In addition, CA AppLogic® tracks unsuccessful password logins through the user interface. After six unsuccessful attempts to log in, a user is locked out for five minutes. After an additional six unsuccessful log in attempts a user is locked out for an hour. A locked-out user can be unlocked by a grid administrator or grid maintainer. There is no lockout for SSH key-based logins.
|
Copyright © 2012 CA.
All rights reserved.
|
|