If the directory/file paths specified in this guide do not exist in your WSO2 product, see Directory Structure of WSO2 Products to locate the paths applicable to your product.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tip

Do you have any special characters in passwords?

For usernames and passwords inside XML files, take care when giving special characters. According to XML specification (http://www.w3.org/TR/xml/), some special characters can disrupt the configuration. For example, the ampersand character (&) must not appear in the literal form in XML files. It can cause a Java Null Pointer exception. You must wrap it with CDATA (http://www.w3schools.com/xml/xml_cdata.asp) as shown below or remove the character:


 

Code Block
languagexml
<Password>
    <![CDATA[xnvYh?@VHAkc?qZ%Jv855&A4a,%M8B@h]]>
</Password>

...

To unlock an admin user who is locked due to an exceeding number of login failures, restart the server using the -unlockAdmin DunlockAdmin system property

Recovering a password

...

  1. Open <PRODUCT_HOME>/repository/conf/carbon.xml

  2. Uncomment the commented out configuration EnableEmailUserName. This enables email authentication.

    Code Block
    languagehtml/xml
    <EnableEmailUserName>true</EnableEmailUserName>
    Tip

    Tip: When you do this configuration, the email becomes the admin username and you cannot configure your email address as an attribute in your user profile.

  3. Next, edit <PRODUCT_HOME>/repository/conf/user-mgt.xml. You might be connected to an LDAP, Active Directory, or a JDBC-based user store. Regardless of the user store manager, change the following:

    ParameterDescription
    UserNameAttribute

    Set the mail attribute of the user.

    Code Block
    languagehtml/xml
    <Property name="UserNameAttribute">mail</Property>
    UserNameSearchFilter

    Use the mail attribute of the user instead of cn or uid.

    Code Block
    languagehtml/xml
    <Property name="UserNameSearchFilter">(&amp;(objectClass=identityPerson)(mail=?))</Property>
    UserNameListFilter

    Use the mail attribute of the user in the user name filter list as well.

    Code Block
    languagehtml/xml
    <Property name="UserNameListFilter">(&amp;(objectClass=identityPerson)(mail=*))</Property>
    UsernameJavaRegEx

    Use the following email regex.

    Code Block
    languagehtml/xml
    <Property name="UsernameJavaRegEx">^[_A-Za-z0-9-\+]+(\.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(\.[A-Za-z0-9]+)*(\.[A-Za-z]{2,})$</Property>
    UserDNPattern

    This parameter is used to speed up the LDAP search operations. You can comment out this config.

    Code Block
    languagehtml/xml
    <!--Property name="UserDNPattern">cn={0},ou=Users,dc=wso2,dc=com</Property-->
    Realm configurations

    The AdminUser username should use the email attribute of the admin user.

    Code Block
    languagehtml/xml
    <AdminUser>
             <UserName>admin@wso2.com</UserName>
             <Password>admin</Password>
    </AdminUser>