-
Bug
-
Resolution: Fixed
-
Minor
-
4.0.3, 4.1.1, 4.2
-
None
The "last access date" information for users (available under the tools menu in admin central) is updated not only when the user logs in, but also for any failed login.
If you try logging in with superuser/wrongpassword you will see the last access date for superuser updated.
The setLastAccess() call is actually in MgnlUserManager, before the password validation. It should be moved to JCRAuthenticationModule after a successful authentication.
Acceptance criteria