This documentation is for WSO2 Identity Server 5.2.0. View documentation for the latest release.


You can register a user and have the user confirm the registration by email, which helps verify that the account belongs to an actual user. This section guides you through using the SOAP service to set up and use the self-registration feature. You can use an application such as SOAP UI to try out the service.

The self sign up process creates the user and locks the user account until the user confirmation is received. The created user has an expiry period which, if exceeded, ensures the account cannot be unlocked. The expired accounts are not actually used by the creator and may have been forgotten long ago. The system administrator can later delete these accounts if needed, hence making this a better way to manage the resources. 


The following service API can be used for the sign up and confirmation: https://localhost:9443/services/UserInformationRecoveryService?wsdl.

...

Define the following claims and map them with correct attributes in the underlying data store. See Claim Management for more information on how to do this.

...

About usage in tenants

...

 


To set up and use the self registration feature with REST APIs, which is now the recommended method, see Using the Self Sign-Up Using REST APIs.

Configuring WSO2 Identity Server

claim-mgt.xml file prior to the first startup and then start the server. If you do not require these claims for all tenants, then it should be added via the UI of specific tenants as instructed here.

The following claim must be mapped.

  • http://wso2.org/claims/identity/accountLocked - This claim is used to store the status of the user's account, i.e., if it is locked or not.

  1. Open the identity.xml file found in the <IS_HOME>/repository/conf/identity/ directory. Enable the following SOAP identity listener by setting the enable property to true. Disable the REST API listeners (listeners with orderId=95 and orderId=97) by setting the enable property to false.

    <EventListener type="org.wso2.carbon.user.core.listener.UserOperationEventListener" name="org.wso2.carbon.identity.mgt.IdentityMgtEventListener" orderId="50" enable="true"/>
    <EventListener type="org.wso2.carbon.user.core.listener.UserOperationEventListener" name="org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener" orderId="95" enable="false"/>
    <EventListener type="org.wso2.carbon.user.core.listener.UserOperationEventListener" name="org.wso2.carbon.identity.governance.listener.IdentityStoreEventListener" orderId="97" enable="false"/>
  2. Configure the following properties in the <PRODUCT_HOME>/repository/conf/identity/identity-mgt.properties file.

    Notification.Sending.Internally.Managed=true
    Authentication.Policy.Account.Lock.On.Creation=true
    Notification.Expire.Time=7200
    Notification.Sending.Enable=true 
    Authentication.Policy.Enable=true 

    See the following table for descriptions of these configurations.

    | Configuration | Description |
    |---|---|
    | Notification.Sending.Internally.Managed=true | This enables the internal email sending module. If this property is set to false, the email sending data is available to the application via a Web service. Thus the application can send the email using its own email sender. |
    | Authentication.Policy.Account.Lock.On.Creation=true | This enables locking the account when the account is created. |
    | Notification.Expire.Time=7200 | The time specified here is in minutes. In this case, the recovery expires after 7200 minutes. |
    | Notification.Sending.Enable=true | This enables the email sending function when recovering the account and verifying the user creation. |
    | Authentication.Policy.Enable=true | This enables the authentication flow level checks for the account lock and account confirmation features. This must be enabled to make the account confirmation feature work. |
  3. Configure the email-admin-config.xml file found in <PRODUCT_HOME>/repository/conf/email/ with the email template of type “accountConfirmation”. The following is a sample template:


    Tip: You can also customize the email template through the WSO2 IS management console in other languages. For more information on how to do this, see Customizing Automated Emails.

    <configuration type="accountConfirmation">
    <targetEpr></targetEpr>
            <subject>WSO2 Carbon - Account Confirmation</subject>
            <body>
    Hi {first-name},
    
    You have created an account with following user name
    
    User Name: {user-name}
    
    Please click the following link to unlock. If clicking the link doesn't seem to work, you can copy and paste the
    link into your browser's address window.
    
    https://localhost:8443/InfoRecoverySample/confirmReg?confirmation={confirmation-code}&amp;userstoredomain={userstore-domain}&amp;username={user-name}&amp;tenantdomain={tenant-domain}
            </body>
            <footer>
    Best Regards,
    WSO2 Identity Server Team
    http://www.wso2.com
            </footer>
            <redirectPath></redirectPath>
    </configuration>
  4. Open the <IS_HOME>/repository/conf/axis2/axis2.xml file and uncomment the following email transportSender configurations. This is necessary because notification sending is internally managed. The configuration values provided are sample values; therefore, provide your email details as required.

    <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender">
            <parameter name="mail.smtp.from">[email protected]</parameter>
            <parameter name="mail.smtp.user">wso2demomail</parameter>
            <parameter name="mail.smtp.password">mailpassword</parameter>
            <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
            <parameter name="mail.smtp.port">587</parameter>
            <parameter name="mail.smtp.starttls.enable">true</parameter>
            <parameter name="mail.smtp.auth">true</parameter>
    </transportSender>

    Note: Custom user store - claim mapping

    If you are using a custom user store, follow the steps below and map the claim. Note that this is only required for custom user stores.

    1. Start the IS server and log in to the management console.
    2. Click on List under Claims on the Main tab and click on the http://wso2.org/claims dialect.
    3. Click on the Edit button next to the AccountLocked claim and map the claim to the relevant attribute in the underlying user store.
       See Claim Management for more information on how to do this.
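
A consistency check for steps 1 and 2 above, as an added example (not WSO2 code): it parses identity.xml and identity-mgt.properties and reports every listener or property that differs from the values this page sets. The sample file contents and the `<Server>`/`<EventListeners>` wrapper elements are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Step 1 of the page: listener class name -> required value of "enable".
LISTENERS = {
    "org.wso2.carbon.identity.mgt.IdentityMgtEventListener": "true",
    "org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener": "false",
    "org.wso2.carbon.identity.governance.listener.IdentityStoreEventListener": "false",
}
# Step 2 of the page: flags that must be true in identity-mgt.properties.
FLAGS = ("Notification.Sending.Internally.Managed", "Notification.Sending.Enable",
         "Authentication.Policy.Account.Lock.On.Creation", "Authentication.Policy.Enable")

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # or ! comment lines."""
    lines = [l.strip() for l in text.splitlines()]
    pairs = (l.split("=", 1) for l in lines if l and l[0] not in "#!" and "=" in l)
    return {k.strip(): v.strip() for k, v in pairs}

def audit(identity_xml, properties_text):
    """Return findings; an empty list means both files match the page's settings."""
    findings, seen = [], {}
    for el in ET.fromstring(identity_xml).iter():
        # Drop any XML namespace prefix so a namespaced root element is handled.
        if el.tag.rsplit("}", 1)[-1] == "EventListener":
            seen[el.get("name")] = el.get("enable", "").strip().lower()
    for name, wanted in LISTENERS.items():
        if name not in seen:
            findings.append(f"{name}: listener not found")
        elif seen[name] != wanted:
            findings.append(f"{name}: enable must be {wanted}")
    props = parse_properties(properties_text)
    for key in FLAGS:
        if props.get(key, "").lower() != "true":
            findings.append(f"{key} must be true")
    expiry = props.get("Notification.Expire.Time", "")
    if not expiry.isdigit() or int(expiry) == 0:
        findings.append("Notification.Expire.Time must be a positive number of minutes")
    return findings

# Constructed sample: REST listener (orderId 95) left enabled, lock-on-creation unset.
SAMPLE_XML = """<Server><EventListeners>
<EventListener name="org.wso2.carbon.identity.mgt.IdentityMgtEventListener" orderId="50" enable="true"/>
<EventListener name="org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener" orderId="95" enable="true"/>
<EventListener name="org.wso2.carbon.identity.governance.listener.IdentityStoreEventListener" orderId="97" enable="false"/>
</EventListeners></Server>"""
SAMPLE_PROPS = "Notification.Sending.Internally.Managed=true\nNotification.Expire.Time=7200\n" \
               "Notification.Sending.Enable=true\nAuthentication.Policy.Enable=true\n"

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_XML, SAMPLE_PROPS)))
```

If Authentication.Policy.Account.Lock.On.Creation is missing or false, self-registered accounts are not locked while confirmation is pending, so this is the finding to treat as highest priority.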

Try out the service

Once you have configured WSO2 IS, make the following SOAP requests in the order listed to self-register a user through the service.

Self Sign Up

The sequence of service calls for self sign up is described below.

  1. getUserIdentitySupportedClaims() - Set of claims to which the user profile details should be saved in the Identity Server.

  2. registerUser() - This registers a user in the system. You need to pass values like user name, password, claim attributes and values returned from the previous call and the tenant domain. The confirmation code is sent by email to the given email address.

Confirm Account

The sequence of service calls for account confirmation is described below.

  1. getCaptcha() - Get the captcha for the current request.

  2. confirmUserSelfRegistration() - The confirmation code sent to the user account, the user name, captcha details and tenant domain need to be passed to the call. Upon successful verification the account is unlocked. The verification status is also returned to the caller.

Tip: Resending the confirmation email

Once the account is registered and confirmed, if the user has not received the email, the confirmation email can be resent.
To receive the confirmation email again, the user can do the following:

  • Attempt to log in to the WSO2 Identity Server dashboard using the specified credentials that were not activated. The following notification and option will appear.


  • Click on the Resend button and the confirmation email will be sent again to the registered email address.