Set up reCaptcha with the WSO2 Identity Server. For instructions on how to do this and more information about reCaptcha, see Setting Up ReCaptcha.
Note: To modify the filter mapping for reCaptcha, open the
web.xmlfile located in the
<IS_HOME>/repository/conf/tomcat/carbon/WEB-INFdirectory and find the following filter. You can modify the relevant URL patterns if required.
- Start the WSO2 IS Server and login to the management console.
- Click List under Identity Providers found in the Main tab.
- Click Resident Identity Provider and expand the Login Policies tab. Then, expand the Captcha for SSO Login tab.
Select Enable and enter a value for the Max failed attempts field. For example, if you enter 3, reCaptcha will be re-enabled after 3 failed attempts.
Note: This value should be less than the number of failed attempts configured in the account locking connector.
- You have now successfully configured reCaptcha for the single sign on flow. If the number of failed attempts reaches the maximum configured value, the following reCaptcha window appears.