Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-2917

last access date is updated also after a login failure

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Minor
    • 4.2
    • 4.0.3, 4.1.1, 4.2
    • core
    • None

    Description

      The "last access date" information for users (available under the tools menu in admin central) is updated not only when the user logs in, but also for any failed login.
      If you try logging in with superuser/wrongpassword you will see the last access date for superuser updated.

      The setLastAccess() call is actually in MgnlUserManager, before the password validation. It should be moved to JCRAuthenticationModule after a successful authentication.

      Checklists

        Acceptance criteria

        Attachments

          Activity

            People

              fgiust Fabrizio Giustina
              fgiust Fabrizio Giustina
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Checklists

                  Bug DoR
                  Task DoD