if ( user.getCountFailedLoginAttempts() > 0 )
{
user.setCountFailedLoginAttempts( 0 );
- userManager.updateUser( user );
+ if ( !userManager.isReadOnly() )
+ {
+ userManager.updateUser( user );
+ }
}
return new AuthenticationResult( true, source.getPrincipal(), null );
try
{
+
securityPolicy.extensionExcessiveLoginAttempts( user );
+
}
finally
{
- userManager.updateUser( user );
+ if ( !userManager.isReadOnly() )
+ {
+ userManager.updateUser( user );
+ }
}
//return new AuthenticationResult( false, source.getPrincipal(), null, authnResultExceptionsMap );