## WSO2 IS Installation

Installation

  1. Download IS 5.1.0 from the WSO2 site and extract it.
  2. Open <IS_HOME>/repository/conf/carbon.xml and set the HideAdminServiceWSDLs property to false.
    <HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>
  3. To enable self-signup and account confirmation, follow the steps below:

    • Open <IS_HOME>/repository/conf/claim-config.xml and add the following claim mappings in the <Dialect dialectURI="http://wso2.org/claims"> section.
      <Claim>
            <ClaimURI>http://wso2.org/claims/identity/accountLocked</ClaimURI>
            <DisplayName>Account Locked</DisplayName>
            <AttributeID>accountLock</AttributeID>
            <Description>Account Locked</Description>
      </Claim>
      <Claim>
            <ClaimURI>http://wso2.org/claims/identity/passwordTimestamp</ClaimURI>
            <DisplayName>Password Timestamp</DisplayName>
            <AttributeID>facsimileTelephoneNumber</AttributeID>
            <Description>Password Timestamp</Description>
      </Claim>
      <Claim>
            <ClaimURI>http://wso2.org/claims/username</ClaimURI>
            <DisplayName>Username</DisplayName>
            <AttributeID>uid</AttributeID>
            <Description>Username</Description>
      </Claim>
      
    • Open <IS_HOME>/repository/conf/claim-config.xml and add the following claim mapping in the <Dialect dialectURI="http://wso2.org/oidc/claim"> section.

      <Claim>
            <ClaimURI>roles</ClaimURI>
            <DisplayName>Roles</DisplayName>
            <AttributeID>role</AttributeID>
            <Description>Roles</Description>
      </Claim>
      

    • Enable the Identity Listener by setting the following property to true in the <IS_HOME>/repository/conf/identity/identity.xml file.

      <EventListener type="org.wso2.carbon.user.core.listener.UserOperationEventListener" name="org.wso2.carbon.identity.mgt.IdentityMgtEventListener" orderId="50" enable="true"/>

    • Set the following properties in the <IS_HOME>/repository/conf/identity/identity-mgt.properties file.

      
      Notification.Sending.Internally.Managed=true
      Authentication.Policy.Account.Lock.On.Creation=true
      Notification.Expire.Time=7200
      Notification.Sending.Enable=true
      Authentication.Policy.Enable=true
      

    • Configure the email-admin-config.xml file found in <IS_HOME>/repository/conf/email/ with the email template of type “accountConfirmation”.

    • Edit the org.apache.axis2.transport.mail.MailTransportSender section in <IS_HOME>/repository/conf/axis2/axis2.xml so that it holds a valid email account configuration.
      The IS server must be able to log in to this email account remotely.

      
      <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender">
          <parameter name="mail.smtp.from">wso2demomail@gmail.com</parameter>
          <parameter name="mail.smtp.user">wso2demomail</parameter>
          <parameter name="mail.smtp.password">mailpassword</parameter>
          <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
          <parameter name="mail.smtp.port">587</parameter>
          <parameter name="mail.smtp.starttls.enable">true</parameter>
          <parameter name="mail.smtp.auth">true</parameter>
      </transportSender>
      

  4. Go to <IS_HOME>/bin and start the IS server using ./wso2server.sh (use ./wso2server.sh start to start it in daemon mode).
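
A check that the self-signup settings from step 3 are in place before the server is started, as an added example (not part of the original guide or WSO2's own code). The function names and the sample file contents are constructed for illustration; the three files are passed in as text.

```python
import xml.etree.ElementTree as ET

# Values step 3 sets in identity-mgt.properties.
REQUIRED = {
    "Notification.Sending.Internally.Managed": "true",
    "Authentication.Policy.Account.Lock.On.Creation": "true",
    "Notification.Expire.Time": "7200",
    "Notification.Sending.Enable": "true",
    "Authentication.Policy.Enable": "true",
}
LISTENER = "org.wso2.carbon.identity.mgt.IdentityMgtEventListener"
SENDER = "org.apache.axis2.transport.mail.MailTransportSender"

def elements(xml_text, name):
    """Elements with this local name, ignoring any xmlns; XML comments are skipped."""
    return [e for e in ET.fromstring(xml_text).iter()
            if e.tag.rsplit("}", 1)[-1] == name]

def check_selfsignup(props_text, identity_xml, axis2_xml):
    """Return a list of findings; an empty list means every setting was applied."""
    pairs = (l.split("=", 1) for l in props_text.splitlines()
             if "=" in l and not l.lstrip().startswith("#"))
    props = {k.strip(): v.strip() for k, v in pairs}
    out = [f"identity-mgt.properties: {k} is {props.get(k)!r}, expected {v!r}"
           for k, v in REQUIRED.items() if props.get(k) != v]
    if not any(e.get("name") == LISTENER and e.get("enable") == "true"
               for e in elements(identity_xml, "EventListener")):
        out.append("identity.xml: IdentityMgtEventListener is not enabled")
    senders = [e for e in elements(axis2_xml, "transportSender")
               if e.get("class") == SENDER]
    if not senders:
        out.append("axis2.xml: mail transportSender is missing or commented out")
    for sender in senders:
        params = {p.get("name"): (p.text or "").strip() for p in sender}
        out += [f"axis2.xml: {n} is not true"
                for n in ("mail.smtp.starttls.enable", "mail.smtp.auth")
                if params.get(n) != "true"]
    return out

# Constructed sample: lock-on-creation left unset and STARTTLS disabled.
SAMPLE_PROPS = "Notification.Sending.Enable=true\nAuthentication.Policy.Enable=true\n" \
               "Notification.Sending.Internally.Managed=true\nNotification.Expire.Time=7200\n"
SAMPLE_IDENTITY = f'<Server xmlns="urn:example"><EventListener name="{LISTENER}" enable="true"/></Server>'
SAMPLE_AXIS2 = (f'<axisconfig><transportSender name="mailto" class="{SENDER}">'
                '<parameter name="mail.smtp.starttls.enable">false</parameter>'
                '<parameter name="mail.smtp.auth">true</parameter></transportSender></axisconfig>')
if __name__ == "__main__":
    print("\n".join(check_selfsignup(SAMPLE_PROPS, SAMPLE_IDENTITY, SAMPLE_AXIS2)))
```

A transportSender that is not well-formed XML makes `ET.fromstring` raise `ParseError`, which is itself a sign that axis2.xml needs fixing before startup.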

WSO2 IS Configuration

  1. Creating a new tenant.
  2. Registering a new OAuth Service Provider.

Optional Steps

  1. How to configure a MySQL backend database for the WSO2 IS server - MySQL DB Configuration
  2. How to configure a valid server certificate for the WSO2 IS server - Configure Server Certificate