In case of repeated authentication failure the user is blocked by the authentication security mechanism and still receives invalid credentials message (there is an explanation for this on XWIKI-17029). Disabling the authentication security is possible to clear the information about login failures, which might unlock users in case of problems (https://www.xwiki.org/xwiki/bin/view/ReleaseNotes/Data/XWiki/11.10/Change004/) However it would be useful for the admins of the wiki to be able to check the lists of users blocked by the security authentication mechanism due to past failed attempts (e.g from the administration UI). This way it would easier to confirm if the users login issue "invalid credentials" is due to the fact they were actually blocked. |