This documentation is for WSO2 Identity Server 5.1.0 . View documentation for the latest release.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Enable the Identity Listener by setting the <EventListener> property <UserOperationEventListener> property with the name "IdentityMgtEventListener", to true in the <IS_HOME>/repository/conf/identity/identity.xml file.

    Code Block
    languagexml
    <EventListener type="org.wso2.carbon.user.core.listener.UserOperationEventListener" name="org.wso2.carbon.identity.mgt.IdentityMgtEventListener" orderId="50" enable="true"/>
  2. Configure the following parameters in the <IS_HOME>/repository/conf/identity/identity-mgt.properties file.

    Configuration

    Description

    Authentication.Policy.Enable=true

    This enables the authentication flow level which checks for the account lock and one time password features. This property must be enabled for the account lock feature to work.

    Authentication.Policy.Account.Lock.On.Failure=true

    This enables locking the account when authentication fails.

    Authentication.Policy.Account.Lock.On.Failure.Max.Attempts=2

    This indicates the number of consecutive attempts that a user can try to log in without the account getting locked. In this case, if the login fails twice, the account is locked.

    Authentication.Policy.Account.Lock.Time=5

    The time specified here is in minutes. In this case, the account is locked for five minutes and authentication can be attempted once this time has passed.

    Code Block
    languagebash
    Authentication.Policy.Enable=true
    Authentication.Policy.Account.Lock.On.Failure=true
    Authentication.Policy.Account.Lock.On.Failure.Max.Attempts=2
    Authentication.Policy.Account.Lock.Time=5

...

Code Block
titleLock Account SOAP Request
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:ser="http://services.mgt.identity.carbon.wso2.org">
  <soapenv:Header/>
  <soapenv:Body>
  <ser:lockUserAccount>
  <!--Optional:-->
  <ser:userName>Bob<userName>Alex</ser:userName>
  </ser:lockUserAccount>
  </soapenv:Body>
</soapenv:Envelope>

...

Code Block
languagexml
titleUnlock Account SOAP Request
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:ser="http://services.mgt.identity.carbon.wso2.org">
  <soapenv:Header/>
  <soapenv:Body>
  <ser:unlockUserAccount>
  <!--Optional:-->
  <ser:userName>Bob<userName>Alex</ser:userName>
  </ser:unlockUserAccount>
  </soapenv:Body>
</soapenv:Envelope>

...