Skip to content

[fix](password) password lock failed after invalid login#61592

Open
morningman wants to merge 1 commit intoapache:masterfrom
morningman:passwd_3times
Open

[fix](password) password lock failed after invalid login#61592
morningman wants to merge 1 commit intoapache:masterfrom
morningman:passwd_3times

Conversation

@morningman
Copy link
Contributor

@morningman morningman commented Mar 21, 2026
edited
Loading

What problem does this PR solve?

Problem Summary:

When a user is created with FAILED_LOGIN_ATTEMPTS N PASSWORD_LOCK_TIME T,
the account locks correctly after N consecutive wrong passwords. However,
after the lock expires (or after admin ACCOUNT_UNLOCK), entering N wrong
passwords again never triggers a lock again.

Root cause: In FailedLoginPolicy.onFailedLogin(), when failedLoginCounter
has reached numFailedLogin and the lock has expired, the method returned
true without resetting the counter or updating lockTime. Since isLocked()
correctly returned false (lock expired), the account could never be re-locked.

Fix: When the counter has reached the limit but the lock has expired, call
unlock() to reset both counter and lockTime, then continue counting new
failed attempts from zero.

Release note

None

Check List (For Author)

  • Test

    • Regression test
    • Unit Test
    • Manual test (add detailed scripts or steps below)
    • No need to test or manual test. Explain why:
      • This is a refactor/code format and no logic has been changed.
      • Previous test can cover this change.
      • No code files have been changed.
      • Other reason

  • Behavior changed:

    • No.
    • Yes.

  • Does this need documentation?

    • No.
    • Yes.

Check List (For Reviewer who merge this PR)

  • Confirm the release note
  • Confirm test cases
  • Confirm document
  • Add branch pick label

@Thearas
Copy link
Contributor

Thearas commented Mar 21, 2026

Thank you for your contribution to Apache Doris.
Don't know what should be done next? See How to process your PR.

Please clearly describe your PR:

  1. What problem was fixed (it's best to include specific error reporting information). How it was fixed.
  2. Which behaviors were modified. What was the previous behavior, what is it now, why was it modified, and what possible impacts might there be.
  3. What features were added. Why was this function added?
  4. Which code was refactored and why was this part of the code refactored?
  5. Which functions were optimized and what is the difference before and after the optimization?

@morningman
Copy link
Contributor Author

morningman commented Mar 21, 2026

run buildall

@doris-robot
Copy link

doris-robot commented Mar 21, 2026

TPC-H: Total hot run time: 26713 ms 
machine: 'aliyun_ecs.c7a.8xlarge_32C64G'
scripts: https://github.com/apache/doris/tree/master/tools/tpch-tools
Tpch sf100 test result on commit 9a62f3b16d9c52051e3e340f15b0d6b7e8886f11, data reload: false

------ Round 1 ----------------------------------
orders	Doris	NULL	NULL	0	0	0	NULL	0	NULL	NULL	2023-12-26 18:27:23	2023-12-26 18:42:55	NULL	utf-8	NULL	NULL	
============================================
q1	17605	4611	4347	4347
q2	q3	10644	782	508	508
q4	4676	348	248	248
q5	7568	1230	1017	1017
q6	173	173	142	142
q7	785	830	689	689
q8	9289	1460	1361	1361
q9	5000	4753	4628	4628
q10	6304	1891	1629	1629
q11	452	256	241	241
q12	736	593	471	471
q13	18042	2917	2162	2162
q14	227	233	209	209
q15	q16	729	748	671	671
q17	730	847	435	435
q18	6441	5447	5168	5168
q19	1121	964	607	607
q20	533	473	369	369
q21	4611	1812	1519	1519
q22	480	380	292	292
Total cold run time: 96146 ms
Total hot run time: 26713 ms

----- Round 2, with runtime_filter_mode=off -----
orders	Doris	NULL	NULL	150000000	42	6422171781	NULL	22778155	NULL	NULL	2023-12-26 18:27:23	2023-12-26 18:42:55	NULL	utf-8	NULL	NULL	
============================================
q1	4767	4577	4551	4551
q2	q3	4011	4403	3865	3865
q4	913	1191	792	792
q5	4058	4318	4325	4318
q6	188	174	145	145
q7	1777	1659	1539	1539
q8	2528	2762	2629	2629
q9	7498	7385	7350	7350
q10	3772	3982	3625	3625
q11	502	438	449	438
q12	495	609	486	486
q13	2846	3094	2343	2343
q14	287	312	278	278
q15	q16	733	771	754	754
q17	1480	1378	1394	1378
q18	7212	6808	6639	6639
q19	1015	998	949	949
q20	2096	2191	2014	2014
q21	4016	3567	3366	3366
q22	484	417	391	391
Total cold run time: 50678 ms
Total hot run time: 47850 ms

@doris-robot
Copy link

doris-robot commented Mar 21, 2026

TPC-DS: Total hot run time: 168545 ms 
machine: 'aliyun_ecs.c7a.8xlarge_32C64G'
scripts: https://github.com/apache/doris/tree/master/tools/tpcds-tools
TPC-DS sf100 test result on commit 9a62f3b16d9c52051e3e340f15b0d6b7e8886f11, data reload: false

query5	4365	622	504	504
query6	347	239	211	211
query7	4225	455	256	256
query8	348	246	225	225
query9	8735	2715	2731	2715
query10	517	384	329	329
query11	6966	5083	4879	4879
query12	182	132	125	125
query13	1285	467	349	349
query14	5744	3752	3496	3496
query14_1	2848	2877	2881	2877
query15	214	190	177	177
query16	973	452	432	432
query17	891	737	627	627
query18	2451	452	356	356
query19	221	209	188	188
query20	136	128	127	127
query21	215	130	108	108
query22	13246	13946	14832	13946
query23	16218	15856	15588	15588
query23_1	16057	15870	15766	15766
query24	7293	1601	1221	1221
query24_1	1237	1195	1231	1195
query25	605	461	405	405
query26	1476	272	146	146
query27	2949	490	291	291
query28	4601	1828	1832	1828
query29	850	612	475	475
query30	292	228	194	194
query31	1000	947	877	877
query32	85	69	73	69
query33	524	331	282	282
query34	908	871	528	528
query35	635	696	601	601
query36	1055	1148	969	969
query37	133	95	84	84
query38	2936	2902	2913	2902
query39	852	833	814	814
query39_1	785	796	788	788
query40	239	153	138	138
query41	63	60	59	59
query42	264	253	253	253
query43	234	253	225	225
query44	
query45	196	192	184	184
query46	894	971	602	602
query47	2544	2129	2041	2041
query48	317	307	239	239
query49	634	453	370	370
query50	686	270	214	214
query51	4113	4083	3982	3982
query52	260	260	255	255
query53	285	337	287	287
query54	311	275	267	267
query55	89	90	84	84
query56	313	326	307	307
query57	1927	1795	1759	1759
query58	283	273	270	270
query59	2776	2946	2739	2739
query60	341	346	328	328
query61	158	152	158	152
query62	647	583	540	540
query63	313	287	276	276
query64	5128	1272	993	993
query65	
query66	1478	449	355	355
query67	24235	24341	24204	24204
query68	
query69	402	358	279	279
query70	967	918	855	855
query71	336	297	295	295
query72	2794	2683	2538	2538
query73	535	545	327	327
query74	9605	9591	9454	9454
query75	2884	2768	2476	2476
query76	2294	1046	679	679
query77	366	384	312	312
query78	10959	11031	10487	10487
query79	2155	770	566	566
query80	1698	647	582	582
query81	578	257	219	219
query82	1020	148	116	116
query83	333	272	259	259
query84	293	118	105	105
query85	896	498	450	450
query86	415	315	302	302
query87	3135	3130	3004	3004
query88	3557	2675	2661	2661
query89	419	367	352	352
query90	2038	176	194	176
query91	167	193	140	140
query92	73	76	67	67
query93	993	847	509	509
query94	641	311	284	284
query95	583	397	315	315
query96	646	516	228	228
query97	2473	2460	2435	2435
query98	228	218	224	218
query99	1001	1012	933	933
Total cold run time: 251960 ms
Total hot run time: 168545 ms

@hello-stephen
Copy link
Contributor

hello-stephen commented Mar 21, 2026

FE UT Coverage Report

Increment line coverage 100.00% (3/3) 🎉
Increment coverage report
Complete coverage report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dev/3.0.x dev/3.1.x dev/4.0.x dev/4.1.x

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@morningman @Thearas @doris-robot @hello-stephen