Saturday, September 13, 2014

How to Lock, user account in WSO2 Identity Server 5.0.0

WSO2 Identity Server can be configured to lock the user account for exceeding maximum login attempts. It can be done from Identity Management feature and you can use [1] for configuring the identity management feature.

There can be scenarios where admin wants to lock and unlock  user account and Identity Server supports this feature through Management Console. Following steps can be used to lock user account through admin console.


Download and Install WSO2 Identity Server 5.0.0 from here.


Open web browser and go to   https://localhost:9443/carbon/admin


Login with following credentials

Username :  admin
Password  : admin


Assign login permission to internal/everyone role.


Follow steps in here to add a new user and assign internal/everyone role to created user.


Sign out from the admin user and try to log to the Identity Server with newly added user's credentials
You should be able to log in since account is not lock by default.


Login as admin and go to configure tab and select claim Management. Then select '' link and click edit the Account Lock claim. Click the Supported by Default chekbox and save the changes.


Then go to User Account Edit page and type true in Account Locked Field. Then the user is locked.