Project

General

Profile

Actions
Copy link

Defect #1459

closed

Enhanced control - cannot set password starting with *, username similarity doesn't work

Added by Alena Peterová about 5 years ago. Updated about 5 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
Ondřej Kopr
Category:
Password policy
Target version:
Opal (9.4.0)
Start date:
01/21/2019
Due date:
% Done:

0%

Estimated time:
Affected versions:
Owner:

Description

Affected version: 9.3.3

When Enhanced control in password policy for validation is enabled and you we try to change password to "*demo1234", we get Server error.
Error in the log:

java.util.regex.PatternSyntaxException: Dangling meta character '*' near index 6
(?i).**demo1234.*
      ^
        at java.util.regex.Pattern.error(Pattern.java:1957)

Also, if you try to use the password "abecedau1234*" for user "abecedau", the password passes the control, even if username is not enabled in the password.

And if you try to use the password "........", it "matches" all user attributes:

Files

Download all files
password_policy_regex.png (25.2 KB) password_policy_regex.png Alena Peterová, 01/21/2019 12:57 PM
password_policy_enhanced_control.png (38.4 KB) password_policy_enhanced_control.png Alena Peterová, 01/21/2019 12:57 PM

Related issues

Related to IdStory Identity Manager - Defect #1407: Control of personal attributes in password policy doesn't workClosedOndřej Kopr12/07/2018

Actions
Actions
Copy link
 #1

Updated by Vít Švanda about 5 years ago

  • Target version set to Opal (9.4.0)
Actions
Copy link
 #2

Updated by Ondřej Kopr about 5 years ago

  • Related to Defect #1407: Control of personal attributes in password policy doesn't work added
Actions
Copy link
 #3

Updated by Ondřej Kopr about 5 years ago

  • Status changed from New to Rejected

This is solved in version 9.4.0-rc.1 See ticket #1407. It is same problem as second case.

Actions
Copy link

Also available in: Atom PDF