Page Comparison

...

1. Set up reCAPTCHA with WSO2 Identity Server. For instructions on how to do this and more information about reCAPTCHA, see Setting Up ReCaptcha. 

2. If you want to modify the filter mapping for reCAPTCHA: 
   1. Open the web.xml file in the <IS_HOME>/repository/conf/tomcat/carbon/WEB-INF directory.

   2. Locate the following filter and modify the relevant URL patterns if required. 

      Code Block
      language xml
      <filter> <filter-name>CaptchaFilter</filter-name> <filter-class>org.wso2.carbon.identity.captcha.filter.CaptchaFilter</filter-class> </filter> <filter-mapping> <filter-name>CaptchaFilter</filter-name> <url-pattern>/samlsso</url-pattern> <url-pattern>/oauth2</url-pattern> <url-pattern>/commonauth</url-pattern> <dispatcher>FORWARD</dispatcher> <dispatcher>REQUEST</dispatcher> </filter-mapping>

3. Start WSO2 Identity Server and sign in to the Management Console.
4. On the Main tab, click Identity > Identity Providers > Resident.
   
5. To configure captcha:
   1. Expand Login Policies > Captcha for SSO Login. 
      Image RemovedImage Added

   2. Provide the required data as given below. 

      Field	Description	Sample Value
      Enable	This determines whether the captcha verification at SSO should be enabled or not.	Enable
      Max failed attempts	This defines the maximum number of failed attempts allowed without having to use the captcha. Note This value should be less than the number of failed attempts configured for account locking in the next step.	3

      

6. To configure account locking: 

   Warning
   This configuration ensures that user account gets locked when an incorrect password is typed even after using the captcha.

   1. Expand  Login Policies > Account Locking.

      Image RemovedImage Added

   2. Provide the required data as given below. 

      Field	Description	Sample Value
      Account Lock Enabled	This determines whether the accounts should get locked for failed logins or not.	Enabled
      Maximum Failed Login Attempts	This defines the maximum number of failed attempts allowed.	5
      Account Unlock Time	This defines the duration in minutes for which the account is locked for.	5
      Lock Timeout Increment Factor	This defines how the account unlock time should be increased for every subsequent account locking.	2

      Image Removed

      Enable Notification Internally Management

      This determines whether the client application handles notifications or not.

      Selected

      Image Added

7. Click Update.
   You have successfully configured reCAPTCHA for SSO.

8. Access the WSO2 Identity Server Dashboard.

9. Attempt signing in as an administrator with an incorrect password for three times. The reCAPTCHA appears.