Logon

Opens a session


      [
            String       
            sessionToken,

      		sessionInfo    
            sessionInfo,

            String       
            securityToken
            

      ]
      = Logon (
            String       
            login,

            String       
            password,

            XML          
            parameters
            

      )
         

Parameters

login

User account

password

Password associated with user login

parameters

Connection settings

Return value(s)

sessionToken

Session token

sessionInfo

Session parameters

securityToken

Security token

Account lockout mechanism configuration

An Account lockout mechanism is available within the logon() API. It prevents any further login attempts after a certain number of consecutive failed login attempts within a specified time frame.

Four options are available to configure the lockout mechanism:

  • XtkSecurity_max_Unsuccessul_Attempts_Allowed: max unsuccessful attempt to block a key within specified duration. The default value is 3.

  • XtkSecurity_Initial_Ban_Duration: duration for which key will be banned for the first time. The default duration is 5 minutes.

  • XtkSecurity_Max_Ban_Duration: max duration for which a key can be banned.

  • XtkSecurity_Examine_Window: time Window to track number of unsuccessful login attempts to ban an invalid key. The default duration is 10 mins.

For example, if someone tries 3 unsuccessful attempts in 10 mins, his key will be blocked for 5 mins.

Features

Schema: xtk:session

Static:

Yes