Self-Registration

Users can be allowed to register themselves at security.manager. When enabled, a self-registration link is displayed on the central login page. After the user submitted her user data, an account is created but put into "locked" state. The account is assigned to a default group and role. The account is unlocked after the user opened an activation link, sent via email to the specified address.

Requirements

To use the self-registration feature you have configure the connection to an SMTP server as described in the section Email server. This server is used to send an email to every user requesting a new user account. The email contains a link that is required to be opened to activate the new user account.

Configuration properties

usermgr.selfregistration.enabled

Switch self-registration on or off. Permitted values are true or false.

usermgr.selfregistration.showstartpagelink

Self-registration link to the login page of the Administrator. Permitted values are true or false.

usermgr.selfregistration.defaultgroup

Defines the group to which a newly registered user is assigned. If the group does not exist, the registration fails. The default group is Users.

usermgr.selfregistration.defaultrole

Defines the roles (separated by commas), to which a newly registered user is assigned. If these roles do not exist, the registration fails. The default role is NewUser.

usermgr.selfregistration.activation.mailing.senderaddress

Defines the email address used as the sender for activation emails. Activation emails are sent out to a user after he has completed the self-registration process. It requires him to open an activation link. Example: noreply@example.com.

usermgr.selfregister.mailing.administrationRecipients

Defines the email address for Administrators of self-registration procedures. This can be a list of email addresses with comma separation. Activation emails are sent to these addresses in BCC.

usermgr.selfregistration.activation.baseurl

Relative or absolute URL to the activation endpoint. The variable '{0}' inside the URL is replaced by the activation ID generated by security.manager.

usermgr.selfregistration.activation.timeout

Defines the validity of an account activation link in minutes. The standard period is 2880 minutes (2 days).