Maximo 7.6 feature - Denial of Service attack

I didn't know about this new feature in Maximo 7.6 until today. Here is the problem: a user reported that he was unable to log into Maximo, getting the error "BMXAA7901E - You cannot log in at this time". Both the Maximo Admin and I could log in with the same userid and password without any problem. After some investigation, it turned out that the user's IP address had been blocked.

This is a new feature in Maximo 7.6 as described by IBM here and here by Mark Robbins.

What is interesting is that, looking at Maximo's default settings, an IP address is only blocked if there are more than 50 failed login attempts from it in less than 30 seconds. So it is not possible for a normal user to be blocked by this mechanism.




It turned out that in my case an integration service under development was sending failed OSLC login attempts using this same account. That caused both the user account and the IP address to be blocked. The Maximo Admin had only removed the block on the user account and reset the password, so on the face of it everything looked fine: both he and I could log in with the account, but the user could not.
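To show why the integration tripped the block while the real user never could, here is an added example (my own code, not part of Maximo or the original post) that replays constructed login-audit records through the default threshold quoted above, a sliding window of more than 50 failures in under 30 seconds per source IP; the IP addresses, userid and timestamps are all made up.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Defaults quoted in the post: an IP is blocked when MORE than 50 failed
# logins arrive from it in LESS than 30 seconds.
MAX_FAILURES = 50
WINDOW = timedelta(seconds=30)

def find_blocked_ips(events, max_failures=MAX_FAILURES, window=WINDOW):
    """events: (timestamp, source_ip, userid, success) tuples, any order.
    Returns {source_ip: (userid, timestamp)} for the failure that would
    have tripped the block, using a sliding window per source IP."""
    recent = defaultdict(deque)   # per-IP timestamps of failures in window
    blocked = {}
    for ts, ip, user, ok in sorted(events, key=lambda e: e[0]):
        if ok or ip in blocked:
            continue
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] >= window:   # expire failures outside window
            q.popleft()
        if len(q) > max_failures:
            blocked[ip] = (user, ts)
    return blocked

def sample_events():
    """Constructed audit records (not real Maximo data) for one account."""
    t0 = datetime(2024, 1, 1, 9, 0, 0)
    ev = []
    # Misconfigured OSLC integration retrying every 0.5 s: 60 failures in 30 s
    ev += [(t0 + timedelta(seconds=0.5 * i), "10.0.0.5", "jsmith", False)
           for i in range(60)]
    # Real user mistyping the password three times over 45 s, then succeeding
    ev += [(t0 + timedelta(seconds=s), "10.0.0.20", "jsmith", False)
           for s in (0, 20, 45)]
    ev.append((t0 + timedelta(seconds=50), "10.0.0.20", "jsmith", True))
    # A slow script at one failure per second never reaches 51 in 30 s
    ev += [(t0 + timedelta(seconds=i), "10.0.0.30", "jsmith", False)
           for i in range(60)]
    return ev

if __name__ == "__main__":
    for ip, (user, ts) in find_blocked_ips(sample_events()).items():
        print(f"{ip} blocked at {ts:%H:%M:%S} after failures for user {user}")
```

Only the integration host reaches 51 failures inside a 30 second window (at the 25 second mark), which is why the account-level unblock alone did not help the user behind the other address.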

So next time you see a similar symptom, it is worth checking whether any IP address has been blocked, using the new "Manage Blocked IP Addresses" action menu in the Users application, as shown in the screenshot below:





