Developer

Configuring User Lockout for Failed Login Attempts

This procedure describes how to configure the user lockout behavior on the mobile application, which occurs after the defined number of failed login attempts by the mobile user. A part of this configuration is the resulting behavior, as set by the “lockout level”, when a user is to be locked out.

Prerequisites

The following items must be addressed prior to performing this procedure:
  • Determine the desired number of maximum login attempts before locking out a user.
  • Determine the proper response by the client when locking out a user. Review the information provided in the Agentry Language Reference, specifically the section “Application Definition,” in the subsection “Application Security Attributes.”

Context

The failed login attempts and lockout level settings should be configured to match the security requirements of the implementation environment. Possible lockout behaviors range from simply requiring the user to perform a successful login and full transmit with the Agentry Server before being allowed to proceed; removing all module-level production data (including object instances and pending transactions) and requiring a full login and transmit; or completely resetting the Agentry Client executable, removing all data stored by the application, and requiring a full transmit and synchronization before being allowed access to the application.

Defining this behavior requires the modification of the Application Security attributes found in the Application definition, followed by publishing the changes to the Agentry Server, with a subsequent transmit by each Agentry Client to update the mobile application with the new settings.

Procedure

  1. Open the Agentry application project in the Agentry Editor. View the Application definition and select the Application Security tab in the Properties view.
  2. Begin by setting the maximum number of login attempts to allow by setting the attribute Login Attempts to the desired value.
  3. Select the desired lockout behavior by selecting the appropriate option for the Lockout Level attribute.

    For details on the Lockout Level options, see the “Application Definition” section in the “Agentry Language Reference.” Review the information for the Lockout Level attribute found in the “Application Security Attributes” subsection.

  4. Save the changes made to the Application definition. Publish the application to the Agentry Server used for testing and verify the desired behavior. Publish or deploy the application the Agentry Server in the production environment when you are ready for the mobile users to receive these changes.

Results

The desired lockout behavior for mobile users reaching the maximum number of failed login attempts has been defined. The behavior will be exhibited on the Agentry Client for mobile users in the production environment once published or deployed to that environment.