On Thu, Feb 22, 2018 at 2:55 PM, Isura Karunaratne <is...@wso2.com> wrote:
> Hi Isuru, > > > > On Thu, Feb 22, 2018 at 2:26 PM, Isuru Uyanage <isur...@wso2.com> wrote: > >> Hi All, >> >> I tried the steps included in doc [1]. As it describes, after 5 invalid >> login attempts, the particular user account gets locked. After 5 minutes, >> as per the config, once user tries to log in with correct credentials, he >> is able to log in and the account gets unlocked. >> >> As per doc[2] step 6, it says if Authentication.Policy.Account.Lock.Time is >> not equal to zero only above process happens. If it is 0, then the admin >> user needs to unlock the user account through Management Console or through >> Admin Services. [3] >> >> When a user gets self signed up, the role which that user gets assigned >> is *Internal/selfsignup* and permission given is login only. But even >> if above value is 0, selfsignup user can get his account unlocked after the >> specified time. Admin user does not need to do it through the Management >> Console. >> >> Therefore, what is the actual purpose of >> Authentication.Policy.Account.Lock.Time >> property in <IS_HOME>/repository/conf/identity/identity-mgt.properties >> file? >> > > This doc needs to be corrected. It should be account.lock.handler.Time in > identity.xml. But, file based configuratoins applied for super tenant at > the first server startup only. > @Isura, Is this from IS 5.5.0 onward only ? > > Ideally, the self signup users should be unlocked based on unlock time > configurations. > > Regads, > Isura. > > That need > >> >> Is above information in the doc[2] and doc[3] not valid for >> self-signup users? >> >> [1] - https://docs.wso2.com/display/IS550/Self+Sign+Up+and+ >> Account+Confirmation#SelfSignUpandAccountConfirmation-Tryoutselfsignup >> [2] - https://docs.wso2.com/display/IS550/Account+Locking+by+ >> Failed+Login+Attempts >> [3] - https://docs.wso2.com/display/IS550/Locking+a+Specific+User+Account >> >> >> Any thoughts are appreciated. >> >> >> *Thanks and Best Regards,* >> >> *Isuru Uyanage* >> *Software Engineer - QA | WSO2* >> *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* >> *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ >> <https://www.linkedin.com/in/isuru-uyanage/>* >> >> >> >> > > > -- > > *Isura Dilhara Karunaratne* > Associate Technical Lead | WSO2 > Email: is...@wso2.com > Mob : +94 772 254 810 <+94%2077%20225%204810> > Blog : http://isurad.blogspot.com/ > > > >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev