forked from community/product-iots
91 lines
3.6 KiB
91 lines
3.6 KiB
#
|
|
# Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
|
#
|
|
# WSO2 Inc. licenses this file to you under the Apache License,
|
|
# Version 2.0 (the "License"); you may not use this file except
|
|
# in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing,
|
|
# software distributed under the License is distributed on an
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
# KIND, either express or implied. See the License for the
|
|
# specific language governing permissions and limitations
|
|
# under the License.
|
|
#
|
|
|
|
# Identity listener is enable
|
|
|
|
Identity.Listener.Enable=true
|
|
|
|
# Enable email sending function when recovering the account and verifying the user creation
|
|
|
|
Notification.Sending.Enable=true
|
|
Notification.Expire.Time=7200
|
|
|
|
# Enable internal email sending module. If "false", email sending data would be available to application via webservice. Then application can send the email using its own email sender
|
|
|
|
Notification.Sending.Internally.Managed=true
|
|
|
|
# Enable verification of account creation. When self registration is done, user would be verified by sending email (confirmation link) to user's email account
|
|
|
|
UserAccount.Verification.Enable=true
|
|
|
|
UserAccount.Recovery.Enable=false
|
|
|
|
|
|
# Whether user can do the verification or not. If value is defined for role, Then the email is sent to users that have been assigned to this role. Not for the user who is registered.
|
|
|
|
UserAccount.Verification.Role=
|
|
|
|
# Whether captcha verification is done by identity server or application level
|
|
|
|
Captcha.Verification.Internally.Managed=true
|
|
|
|
# Whether temporary password are used when creating users or recoverying accounts
|
|
|
|
Temporary.Password.Enable=true
|
|
Temporary.Password.Default.Value=password
|
|
Temporary.Password.OneTime=false
|
|
Temporary.Password.Expire.Time=0
|
|
|
|
# Enable authentication rules other than password check
|
|
|
|
Authentication.Policy.Enable=false
|
|
|
|
# Enable following checking on authenication. By default account lock check is enable
|
|
|
|
Authentication.Policy.Check.Account.Exist=false
|
|
Authentication.Policy.Check.Account.Lock=false
|
|
Authentication.Policy.Check.OneTime.Password=false
|
|
Authentication.Policy.Check.Password.Expire=false
|
|
|
|
# Configuration to build an authentication policy
|
|
|
|
Authentication.Policy.Password.Expire.Time=0
|
|
# If account verification is not enabled, following property will decide where user must be lock or not after user is created
|
|
Authentication.Policy.Account.Lock.On.Creation=false
|
|
Authentication.Policy.Account.Lock.Time=0
|
|
Authentication.Policy.Account.Lock.On.Failure=false
|
|
Authentication.Policy.Account.Lock.On.Failure.Max.Attempts=0
|
|
|
|
# Define pluggable extension points
|
|
|
|
Identity.Mgt.Random.Password.Grenerator=org.wso2.carbon.identity.mgt.password.DefaultPasswordGenerator
|
|
Identity.Mgt.User.Data.Store=org.wso2.carbon.identity.mgt.store.UserStoreBasedIdentityDataStore
|
|
Identity.Mgt.Notification.Sending.Module.1=org.wso2.carbon.identity.mgt.mail.DefaultEmailSendingModule
|
|
Identity.Mgt.User.Recovery.Data.Store=org.wso2.carbon.identity.mgt.store.RegistryRecoveryDataStore
|
|
|
|
|
|
# Define password policy enforce extensions
|
|
|
|
Password.policy.extensions.1=org.wso2.carbon.identity.mgt.policy.password.DefaultPasswordLengthPolicy
|
|
Password.policy.extensions.1.min.length=6
|
|
Password.policy.extensions.1.max.length=12
|
|
Password.policy.extensions.2=org.wso2.carbon.identity.mgt.policy.password.DefaultPasswordNamePolicy
|
|
Password.policy.extensions.3=org.wso2.carbon.identity.mgt.policy.password.DefaultPasswordPatternPolicy
|
|
Password.policy.extensions.3.pattern=^((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%&*])).{0,100}$
|
|
|