在WSO2 Identity Server中禁用用户帐户

Question

Is it possible to disable a user account in WSO2 Identity Server 5.0 after a certain period of inactivity? Is there any way to implement this using a REST or SAOP API?

Answer 1

i'm new on WSO2 Identity Server, but I would try this way:

• Create a scheduled job. You can implement it as you want or, for example, you can use WSO2 Task Server features.
• The scheduled could call a web service, who implements these steps:
  1. read last login timestamp for each user in IS;
  2. calculate difference from last login timestamp e current timestamp;
  3. populate a list of users to disable;
  4. for each user to disable, call the WSO2 Identity Server Admin Services to "disable operation".

I'don't find the "disable operation" implemented in IS, so i think you could realize a DISABLE status creating a role, called "USER_DISABLED", without login permission or try to remove login permission on the original role of the user.

As I said i'm new on WSO2 IS, but i would try this way.

Sorry for my english.

Bye Vincenzo F.

Answer 2

You cannot directly disable the user account. what you can do is, you can disable user account by changing the permission of the user in the user group. In order to disable the login account You have to add the particular user to that user group. You can un-check it at the user permission tree.

Find the below steps to change the user permission:

1. Login to WSO2 IS Management Console.
2. Click on Configure to access the Configure menu.
3. From the Configure menu, select Users and Roles.
4. On the User Management page, click on the Roles link.
5. Locate the role you want to edit, and click on the Permissions link associated with it.
6. On the Permissions of the Role page, deselect permissions assigned to the role using the check-boxes.
7. finally click on the Update button to save the alterations.