This is about a new feature addition that can be expected to be out with WSO2 Identity Server 5.2.0 version, which has been added to the current master branch for WSO2 IS at https://github.com/wso2/carbon-identity/.
This feature is to cater for account disability requirements in addition to account locking. Account disabling function is provided through a user claim as similar to account locking functionality. While account locking is a temporarily blocking of user login due to a defined policy like consecutive unsuccessful login, account disabling will cater for disabling user account which is much more long term.
How to try?
- Enable 'org.wso2.carbon.identity.mgt.IdentityMgtEventListener' in <IS_HOME>/repository/conf/identity/identity.xml file under Event Listeners.
<EventListener type="org.wso2.carbon.user.core.listener.UserOperationEventListener" name="org.wso2.carbon.identity.mgt.IdentityMgtEventListener" orderId="50" enable="true"/>
- in <IS_HOME>/repository/conf/identity/identity-mgt.properties file configure below properties.
After the configurations are done, restart the server to have them effective.
Under claim manaement of WSO2 Identity Server, edit the claim "http://wso2.org/claims/identity/accountDisabled"to be supported by default. How to do this is described at https://docs.wso2.com/display/IS510/Editing+Claim+Mapping.
Now the required configurations are done. We can disable, enable user accounts through user profile.