This is actually how it is supposed to work. Accounts are generally disabled because the user enters the wrong password
X number of times, and then the account is automatically re-enabled after Y number of minutes.
This is all configurable in the security.properties file, and the behavior can
be changed there.
Also, if you want to "permanently" disable a UserLogin, even with the OOTB settings you can set the disabled date to far
in the future, and 5 minutes after that won't come up for a long time.
-David
Sumit Pandit wrote:
When we tried to disable(block) a user login with following route.
https://demo.hotwaxmedia.com/partymgr/control/editlogin?partyId=DemoCustomer1&userLoginId=DemoCustomer1
Now here Set enable = N and save.
Now after 5 mins, on ecommerce when i tried to do login with same user
name : DemoCustomer1 and password ofbiz then it logged in successfully.
So here after 5 mins userlogin is not disable/blocked any more.
NOTE : I chacked in database at UserLogin entity
(after disable via partymgr, login via ecommerce)
Before login : enabled = N
after login : enabled = N
logout : enabled = N
login again : enabled = Y
where enabled is attribute of UserLogin entity.
--
Thanks and Regards
Sumit Pandit
Rishi Solanki
HotWaxMedia, Inc
http://www.hotwaxmedia.com
