<{{Subtitle_Weight}} class="prominent-subhead {{Show_Subtitle}}"> {{Header_Subtitle}}

Multiple and repetitive login calls to custom security provider

~~repeating-content.html~~
This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice. This article is not considered official documentation for K2 software and is provided "as is" with no warranties.
LEGACY/ARCHIVED CONTENT
This article has been archived, and/or refers to legacy products, components or features. The content in this article is offered "as is" and will no longer be updated. Archived content is provided for reference purposes only. This content does not infer that the product, component or feature is supported, or that the product, component or feature will continue to function as described herein.

Issue

When logging in with a custom security provider and providing an incorrect password, the login attempt is attempted 3 times. In some cases this causes the end user to lock his account.

Symptoms

Enabling logging on, on a custom security provider and logging in using an incorrect password you will notice multiple log in attempts.

Resolution

The change to only log in once has been fixed in K2 Blackpearl 4.7. This requires some configuration changes.

\K2 Blackpearl\K2 Smartforms Runtime\Web.config:

Please have a look in web.config for the SecurityLabel.K2SQL.Method:

<add key="ExcludedSecurityLabels" value="SP"/>
<!-- SecurityLabel Method number that should be tried (if applicable) when authenticating users with login.aspx page (Semi-colon separated list) -->
<!-- Method 1: // Integrated login where username and domain are specified seperately. eg:denallix\bob => username:bob, domain: denallix -->
<!-- Method 2: // n/a -->
<!-- Method 3: // Integrated login where the username is specified and using the current domain. Tried when domain is not specified. eg:denallix\bob => username:bob, domain: {current domain} -->
<!-- Method 4: // n/a -->
<!-- Method 5: // Custom non-integrated login where username and domain are specified seperately. eg:denallix\bob => username:bob, domain: denallix -->
<!-- Method 6: // Custom non-integrated login where the username is specified as domain\username. Tried when domain is specified. eg:denallix\bob => username:denallix\bob, domain: null -->
<!-- Method 7: // Custom non-integrated login where the username is specified and using the current domain. Tried when domain is not specified. eg:bob => username:bob, domain: {current domain} -->
<!-- Method 8: // Custom non-integrated login where the username is specified as 'domain\username' with using the current domain. Tried when domain is not specified. eg:denallix\bob => username:k2\bob, domain: null -->
<!--<add key="SecurityLabel.K2SQL.Methods" value="5;7" />-->
<add key="SODataProvider.DirectExecution" value="true"/>

 

Please make the following changes:

<!-- <add key="SecurityLabels" value="K2SQL"/>-->
To
<add key="SecurityLabels" value="{LABEL_NAME}"/>

To limit logins only to the {LABEL_NAME} label.
And also change
<!--<add key="SecurityLabel.K2SQL.Methods" value="5;7" />-->
to
<add key="SecurityLabel.{LABEL_NAME}.Methods" value="5" />

Make the same changes to the following 2 files:

\K2 Blackpearl\K2 Smartforms Designer\Web.config

\K2 Blackpearl\WebServices\Identity\Sts\Forms\Web.config

Perform an IISRESET and K2 Blackpearl Service Restart for the changes to take affect.