Hi Isuru,
On Thu, Feb 22, 2018 at 2:26 PM, Isuru Uyanage <isur...@wso2.com> wrote: > Hi All, > > I tried the steps included in doc [1]. As it describes, after 5 invalid > login attempts, the particular user account gets locked. After 5 minutes, > as per the config, once user tries to log in with correct credentials, he > is able to log in and the account gets unlocked. > > As per doc[2] step 6, it says if Authentication.Policy.Account.Lock.Time is > not equal to zero only above process happens. If it is 0, then the admin > user needs to unlock the user account through Management Console or through > Admin Services. [3] > > When a user gets self signed up, the role which that user gets assigned is > *Internal/selfsignup* and permission given is login only. But even if > above value is 0, selfsignup user can get his account unlocked after the > specified time. Admin user does not need to do it through the Management > Console. > > Therefore, what is the actual purpose of > Authentication.Policy.Account.Lock.Time > property in <IS_HOME>/repository/conf/identity/identity-mgt.properties > file? > This doc needs to be corrected. It should be account.lock.handler.Time in identity.xml. But, file based configuratoins applied for super tenant at the first server startup only. Ideally, the self signup users should be unlocked based on unlock time configurations. Regads, Isura. That need > > Is above information in the doc[2] and doc[3] not valid for > self-signup users? > > [1] - https://docs.wso2.com/display/IS550/Self+Sign+Up+ > and+Account+Confirmation#SelfSignUpandAccountConfirmation-Tryoutselfsignup > [2] - https://docs.wso2.com/display/IS550/Account+Locking+ > by+Failed+Login+Attempts > [3] - https://docs.wso2.com/display/IS550/Locking+a+Specific+User+Account > > > Any thoughts are appreciated. > > > *Thanks and Best Regards,* > > *Isuru Uyanage* > *Software Engineer - QA | WSO2* > *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* > *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ > <https://www.linkedin.com/in/isuru-uyanage/>* > > > > -- *Isura Dilhara Karunaratne* Associate Technical Lead | WSO2 Email: is...@wso2.com Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
