I have a .dsp application and have a requirement to ‘lockout’ user accounts after a 3 password fails.
I cannot find any settings to control this, so at the moment have a service to scan the server.log looking for:
0006BD [B2BSERV.0053.0002] Access denied for user graham on port 5555 - > ‘’ from 127.0.0.1.
then can record a failure against the user graham (in an external file) and even if they do get a good password, they are not allowed access (controlled from within my application).
This is not a very elegant solution, AND when I came to deployment am using reverse invoke. The RI setup is working fine, but when I test the same scenario of an invalid password thru the RI server I record:
000E29 [B2BSERV.0079.0110] AccessException in DefaultSocketRequestHandler: [B2BSERV.0084.9001] Invalid credentials
ie I cannot attribute this login attempt to a user account
I have the server logging (on the internal server) set to 5
Does anyone have any ideas on how I can move this forward? I am just as willing to listen to alternate solutions as changing the scan server.log mechansim
#webmethods-Protocol-and-Transport#Integration-Server-and-ESB#webMethods