Hi All,

I tried the steps included in doc [1]. As it describes, after 5 invalid
login attempts, the particular user account gets locked. After 5 minutes,
as per the config, once user tries to log in with correct credentials, he
is able to log in and the account gets unlocked.

As per doc[2] step 6, it says if Authentication.Policy.Account.Lock.Time is
not equal to zero only above process happens. If it is 0, then the admin
user needs to unlock the user account through Management Console or through
Admin Services. [3]

When a user gets self signed up, the role which that user gets assigned is
*Internal/selfsignup* and permission given is login only. But even if above
value is 0, selfsignup user can get his account unlocked after the
specified time. Admin user does not need to do it through the Management

Therefore, what is the actual purpose of
property  in <IS_HOME>/repository/conf/identity/identity-mgt.properties

Is above information in the doc[2] and doc[3] not valid for
self-signup users?

[1] -
[2] -
[3] - https://docs.wso2.com/display/IS550/Locking+a+Specific+User+Account

Any thoughts are appreciated.

*Thanks and Best Regards,*

*Isuru Uyanage*
*Software Engineer - QA | WSO2*
*Mobile : **+94 77 <+94%2077%20767%201807> 55 30752*
*LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/
Dev mailing list

Reply via email to