In this case, the user account is locked by maintaining a state of the account in memory. No information is stored in the user's LDAP profile to indicate the status of the account (active or inactive) when the account is locked in memory.
Configure the password policy and assign the policy to the test user.
See the Sun Java System Directory Server Enterprise Edition 6.3 Administration Guidefor detailed instructions on configuring these settings.
Access a resource protected by OpenSSO Enterprise to be redirected to the login page.
Log in to OpenSSO Enterprise using an incorrect password.
Do this repeatedly until the account is locked and the error page is displayed. The account is locked based on the number of attempts configured in the password policy.
Click the hyperlink on the page.
You are redirected to an Identity Manager page on which are required to change your password. Note that the URL is the one configured in the user_inactive.jsp.
Change your password.
Identity Manager determines the account from the accountID parameter and changes the password on both OpenSSO Enterprise and on Identity Manager. After a successful modification, the user is redirected to the original URL defined in the goto parameter.