This topic lists out the steps required to configure and run the password recovery sample web application with the WSO2 Identity Server.
- WSO2 Identity Server 5.0.0 with SP1 installed. This can be downloaded from the WSO2 Identity Server product page and installed by following the instructions in the Installing the Product topic.
- Apache Tomcat 6 - To deploy the sample web application.
Configuring the sample
- Configure the web.xml file with the following.
- Specify the "carbonServerUrl" with the URL of the Identity Server. E.g., https://localhost:9443
- Specify the credentials to access Identity Server with admin privileges for "accessUsername" and "accessPassword".
- Specify the trustStore absolute resource path for "trustStorePath". E.g., path to wso2carbon.jks of the Identity Server
If you are deploying the sample in Apache Tomcat, enable the SSL configuration in the
Configure the email confirmation links. The configurations you make in this section depend on what you want to achieve.
Tip: Refer to the topic on account recovery with notification for a sample email template. See the topic on Self Sign Up and Account Confirmation for a sample email template relevant to that scenario.
The following configurations provide information on what needs to be configured based on your scenario.
To configure for password reset call back in Identity Server, open the
<IS_HOME>/repository/conf/email/email-admin-config.xmlfile and edit the section with the email type as "
passwordReset". This is the confirmation handler path of the user's confirmation.
To configure account confirmation and self sign up, edit the configuration in the
<IS_HOME>/repository/conf/email/email-admin-config.xmlfile with email type as "
accountConfirmation". Following is the call back handler for the sample.
Configure the following attributes in the
<IS_HOME>/repository/conf/security/identity-mgt.propertiesfile in the WSO2 Identity Server.
See the following table for descriptions of these configurations.
This enables the identity listener.
This enables the email sending function when recovering the account and verifying the user creation
The time specified here is in minutes. In this case, the recovery expires after 7200 minutes.
This enables the internal email sending module. If
false, the email sending data is available to the application via a Web service. Thus the application can send the email using its own email sender.
This enables the user account recovery process.
Set this to
trueif you do not have an existing captcha validation module.
To run the sample app you can either directly copy the InfoRecoverySample.war file in the target or build using maven.
Running the sample by deploying the existing .war file
- Copy the InfoRecoverySample.war file in the target folder to tomcat's webapp folder.
- Start and stop the tomcat server
- Configure tomcat as instructed above "Configuration" step.
- Start tomcat.
- Access the sample with URL - https://localhost:8443/InfoRecoverySample
Building the sample using Apache Maven
Before building the sample, ensure that the following dependencies are satisfied.
Follow the instructions in the Configuration step above.
Build the sample using Apache Maven by running the following command.
When building the sample, the Java source code of the project is compiled into class files and packaged into .jar files. The dependencies listed in the project are located in bins so that Tomcat can find and load them.
- Copy the .war file that is generated to tomcat webapps.