## WSO2 IS Installation
Installation
- Download IS 5.1.0 from WSO2 Site and extract it.
- Open <IS_HOME>/repository/conf/carbon.xml and set the HideAdminServiceWSDLs property to false.
<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>
-
To enable self signup and account confirmation follow the below steps
- Open <IS_HOME>/repository/conf/claim-config.xml and add the following claims mappings in the <Dialect dialectURI="http://wso2.org/claims"> section.
<Claim> <ClaimURI>http://wso2.org/claims/identity/accountLocked</ClaimURI> <DisplayName>Account Locked</DisplayName> <AttributeID>accountLock</AttributeID> <Description>Account Locked</Description> </Claim> <Claim> <ClaimURI>http://wso2.org/claims/identity/passwordTimestamp</ClaimURI> <DisplayName>Password Timestamp</DisplayName> <AttributeID>facsimileTelephoneNumber</AttributeID> <Description>Password Timestamp</Description> </Claim> <Claim> <ClaimURI>http://wso2.org/claims/username</ClaimURI> <DisplayName>Username</DisplayName> <AttributeID>uid</AttributeID> <Description>Username</Description> </Claim>
-
Open <IS_HOME>/repository/conf/claim-config.xml and add the following claims mappings in the <Dialect dialectURI="http://wso2.org/oidc/claim"> section.
<Claim> <ClaimURI>roles</ClaimURI> <DisplayName>Roles</DisplayName> <AttributeID>role</AttributeID> <Description>Roles</Description> </Claim>
-
Enable the Identity Listener by setting the following property to true in the <IS_HOME>/repository/conf/identity/identity.xml file.
<EventListener type="org.wso2.carbon.user.core.listener.UserOperationEventListener" name="org.wso2.carbon.identity.mgt.IdentityMgtEventListener" orderId="50" enable="true"/>
-
Do the following configurations in the <IS_HOME>/repository/conf/identity/identity-mgt.properties file.
Notification.Sending.Internally.Managed=true Authentication.Policy.Account.Lock.On.Creation=true Notification.Expire.Time=7200 Notification.Sending.Enable=true Authentication.Policy.Enable=true
-
Configure the email-admin-config.xml file found in <IS_HOME>/repository/conf/email/ with the email template of type “accountConfirmation”.
-
Edit the org.apache.axis2.transport.mail.MailTransportSender section in the <IS_HOME>/repository/conf/axis2/axis2.xml to valid email account configuration.
IS server should have access to this email account for remotely login.<transportSender name="mailto"class="org.apache.axis2.transport.mail.MailTransportSender"> <parameter name="mail.smtp.from">wso2demomail@gmail.com</parameter> <parameter name="mail.smtp.user">wso2demomail</parameter> <parameter name="mail.smtp.password">mailpassword</parameter> <parameter name="mail.smtp.host">smtp.gmail.com</parameter> <parameter name="mail.smtp.port">587</parameter> <parameter name="mail.smtp.starttls.enable">true</parameter> <parameter name="mail.smtp.auth">true</parameter> </transportSender>
- Open <IS_HOME>/repository/conf/claim-config.xml and add the following claims mappings in the <Dialect dialectURI="http://wso2.org/claims"> section.
-
Go to <IS_HOME>/bin and start IS server using ./wso2server.sh (use ./wso2server.sh start for starting in daemon mode).
WSO2 IS Configuration
- Creating a new tenant.
- Registering a new OAuth Service Provider.
Optional Steps
- How to configure a mysql backend database for wso2 IS server - MySQL DB Configuration
- How to configure a valid server certificate for the wso2 IS server - Configure Server Certificate