Sequence of operation#
- User Provides their login name
- Application validates the user exists within LDAP
- Application validates the user is allowed to use Self Service
- Application retrieves challenge questions from eDirectory for User
- Application submits SASL Bind to eDirectory
- Increments a session counter to restrict the number of times the user may attempt to bind to eDirectory
If the bind is successful, then:
- The application can clear a value on the user to clear lockouts from Intruders.
- We have also made calls to Active Directory and cleared the attribute "lockouttime" is present and is not "0"
- Set the value to "0" (Only value you can Set it too which effectively unlocks the AD account)
- Display the eDirectory password to the user.
Other application Features
- Extensive Logging via LOG4J
- Extensive Parametrization of run-time settings
- All labels and Messages are Customizable
- Utilizes JSF Framework
- Easily Customized JSP Files for your Look-and-feel