Recaptcha with WSO2 Identity Server ask username and password twice when max failed attempt=0

1
votes

I have enabled recaptcha in WSO2(wso2is-km-5.9.0) by following https://is.docs.wso2.com/en/5.9.0/learn/setting-up-recaptcha/ Steps to recreate: 1.Generate keys and secret from gmail account 2.Add these to WSO2_HOME/repository/conf/identitycaptcha-config.properties 3.Restart the Identity Server(IS) services. 4.Enable recaptcha from IS console:Identity provider->Resident->Login Policies->Captcha for SSO login->Enable 5.When I enable Max failed attempts=0 so that the login asks the users for recaptcha each time during login, there is an issue...while opening https://Identity_server_DNS:9443/dashboard the login prompts for username and password, after submitting this request the login page reappears with username and password and now with a Recaptcha, which means I have to enter username and password again now but now also with recaptcha

How do I enable Recaptcha to appear always at login page???

1
google-apiwso2recaptchawso2is

1 Answers

0
votes

There is an issue with the toml configuration in the mentioned documentation. Please use the following corrected deployment.toml in the 4th step.

# Google reCAPTCHA settings

# Enable Google reCAPTCHA
[recaptcha] 
enabled= true

# reCaptcha API URL
api_url="https://www.google.com/recaptcha/api.jssss"

# reCaptcha verification URL
verify_url="https://www.google.com/recaptcha/api/siteverify"

# reCaptcha site key
site_key="6Lc8THgUAAAAAPekxT991FGFXRrsiPCMNv5PwZHB"

# reCaptcha secret key
secret_key="6Lc8THgUAAAAAEu83iOwSin_CSt6gqe97aa7EGFd"

The documentation issue will be fixed with this PR. Thank you for reporting.

[Update]

About your use-case, the current implementation of the doesn't have the ability to cover this use case. The implementation needs the username, from this only the tenant name can be retrieved and specific tenant configurations(the Max failed attempts you configured in the resident idp ) can be used for the ReCaptcha.