reCaptcha page reports “Login failed, please try again” message when threshold set to 0

  • 7020909
  • 12-Jun-2017
  • 13-Jun-2017

Environment

NetIQ Access Manager 4.3
NetIQ Access Manager Identity Server

Situation

NAM 4.3 comes with support for Google’s reCAPTCHA. As per the NAM 4.3 Developer Guide (https://www.netiq.com/documentation/access-manager-43/pdfdoc/nacm_enu/nacm_enu.pdf), reCAPTCHA can be enabled on a login class or method by specifying recaptcha properties.

When the recaptchaThreshold property is set to 0, reCAPTCHA is always shown on the login page. On the first login with recaptchaThreshold set to 0, the captcha functionality works without any errors, but the login page shows the message “Login failed, please try again”.

Resolution

This is a bug. The following workaround can be used to address it.

a.       Take a backup of the current /opt/novell/nids/lib/webapp/jsp/login_latest.jsp

b.       Modify it as below:

Replace the following:

<%
    String err = (String) request.getAttribute(NIDPConstants.ATTR_LOGIN_ERROR);
    if (err != null)
    {
%>

With:

<%
    String err = (String) request.getAttribute(NIDPConstants.ATTR_LOGIN_ERROR);
    if (err != null)
    {
        if (err != null && err.startsWith("Login failed, please try again"))
        {
            err = "Please enter your login credentials!";
        }
%>

c.       The error message in Step b can be customized as per business requirements.
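
Steps a and b can be scripted so the edit is repeatable and never applied twice. The script below is an added example, not NetIQ's own tooling; the function name patch_login_jsp and the MSG variable are illustrative, and it assumes the JSP contains the scriptlet from step b with the opening brace on its own line.

```shell
#!/bin/sh
# Added example: apply steps a and b of this article to a login JSP, idempotently.
MSG='Please enter your login credentials!'   # step c: customise (no double quotes)

# patch_login_jsp FILE: returns 0 if patched or already patched,
# 1 if the scriptlet from step b is not found, 2 on I/O errors.
patch_login_jsp() {
    jsp=$1
    [ -f "$jsp" ] || { echo "missing: $jsp" >&2; return 2; }
    # The inserted startsWith() test marks a file that is already patched.
    if grep -q 'err.startsWith("Login failed, please try again")' "$jsp"; then
        echo "already patched: $jsp"
        return 0
    fi
    # Step a: timestamped backup next to the original, keeping mode and times.
    cp -p "$jsp" "$jsp.bak.$(date +%Y%m%d%H%M%S)" || return 2
    tmp=$(mktemp "$jsp.XXXXXX") || return 2
    # Step b: find getAttribute(ATTR_LOGIN_ERROR), then if (err != null), then
    # the opening brace, and insert the override right after that brace.
    if awk -v msg="$MSG" '
        { print }
        state == 0 && /request\.getAttribute\(NIDPConstants\.ATTR_LOGIN_ERROR\)/ { state = 1; next }
        state == 1 && /if \(err != null\)/ { state = 2; next }
        state == 2 && /^[ \t]*[{][ \t]*$/ {
            print "         if (err != null && err.startsWith(\"Login failed, please try again\"))"
            print "         {"
            print "          err = \"" msg "\";"
            print "         }"
            state = 3
        }
        END { exit (state == 3 ? 0 : 1) }
    ' "$jsp" > "$tmp"; then
        # Overwrite in place so the file keeps its owner and permissions.
        cat "$tmp" > "$jsp"; rc=$?
    else
        echo "scriptlet from step b not found, left unchanged: $jsp" >&2; rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Usage: sh patch_login_jsp.sh /opt/novell/nids/lib/webapp/jsp/login_latest.jsp
if [ $# -gt 0 ]; then patch_login_jsp "$1"; fi
```

If the scriptlet is not found, the script still leaves a backup but does not modify the JSP, so a differently formatted file has to be edited by hand.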

Additional Information

Setting recaptchaThreshold to 0 can be useful in preventing DoS attacks, because users cannot blindly submit credentials and overload the LDAP pool of handles. With a threshold of 0, the credentials can only be submitted after the captcha check has been performed.