This documentation is for WSO2 Identity Server 5.2.0 . View documentation for the latest release.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Enable the Identity Listener by setting the <UserOperationEventListener> property with the name "IdentityMgtEventListener" to true in the <IS_HOME>/repository/conf/identity/identity.xml file.

    Code Block
    languagexml
    <EventListener type="org.wso2.carbon.user.core.listener.UserOperationEventListener" name="org.wso2.carbon.identity.mgt.IdentityMgtEventListener" orderId="50" enable="true"/>
  2. Configure the following parameters in the <IS_HOME>/repository/conf/identity/identity-mgt.properties file.

    Configuration

    Description

    Authentication.Policy.Enable=true

    This enables the authentication flow level which checks for the account lock and one time password features. This property must be enabled for the account lock feature to work.

    Authentication.Policy.Account.Lock.On.Failure=true

    This enables locking the account when authentication fails.

    Authentication.Policy.Account.Lock.On.Failure.Max.Attempts=2

    This indicates the number of consecutive attempts that a user can try to log in without the account getting locked. In this case, if the login fails twice, the account is locked.

    Authentication.Policy.Account.Lock.Time=5

    The time specified here is in minutes. In this case, the account is locked for five minutes and authentication can be attempted once this time has passed.

    Code Block
    languagebash
    Authentication.Policy.Enable=true
    Authentication.Policy.Account.Lock.On.Failure=true
    Authentication.Policy.Account.Lock.On.Failure.Max.Attempts=2
    Authentication.Policy.Account.Lock.Time=5

...

  1. Configure the following parameters in the <IS_HOME>/repository/conf/identity/identity-mgt.properties file.

    ConfigurationDescription

    Notification.Expire.Time=7200

    The time specified here is in minutes. In this case, the notification expires after 7200 minutes.

    Notification.Sending.Internally.Managed=true

    This enables the internal email sending module. If this property is set to false, the email sending data is available to the application via a Web service. Thus the application can send the email using its own email sender.

    Notification.Sending.Enable=true

    This property enables the email sending function when the password account is unlocked.

    Code Block
    languagebash
    Notification.Sending.Enable=true
    Notification.Expire.Time=7200
    Notification.Sending.Internally.Managed=true
  2. Navigate to the <IS_HOME>/repository/conf/axis2/axis2.xml file and uncomment the following property. Change the parameter values according to your email (see the second code block below for an example of this).  

    Code Block
    languagexml
    <!--<transportSender name="mailto"
    class="org.apache.axis2.transport.mail.MailTransportSender">

     

    Code Block
    languagexml
    titleExample
    <transportSender name="mailto"
    class="org.apache.axis2.transport.mail.MailTransportSender">
        <parameter name="mail.smtp.from">sampleemail@gmail.com</parameter>
        <parameter name="mail.smtp.user">sampleemail</parameter>
        <parameter name="mail.smtp.password">password</parameter>
        <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
        <parameter name="mail.smtp.port">587</parameter>
        <parameter name="mail.smtp.starttls.enable">true</parameter>
        <parameter name="mail.smtp.auth">true</parameter>
    </transportSender>
  3. Make sure the following email template is defined in the <IS_HOME>/repository/conf/email/email-admin-config.xml file. This is the format in which the email is sent to the user when the account is unlocked.

    Code Block
    languagexml
    <configuration type="accountUnLock">
        <targetEpr></targetEpr>
        <subject>WSO2 Carbon - Your account unlocked</subject>
        <body>
            Hi {first-name},
            Please note that the account registered with us with the user name: {user-name} has been unlocked by Admin.
        </body>
        <footer>
            Best Regards,
            WSO2 Identity Server Team
            http://www.wso2.com
        </footer>
        <redirectPath></redirectPath>
    </configuration>
  4. Restart the server once the configuration changes are made.

...

Panel
titleRelated Topics