Project

General

Profile

Actions
Copy link

Defect #1459

closed

Enhanced control - cannot set password starting with *, username similarity doesn't work

Added by Alena Peterová over 5 years ago. Updated over 5 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
Ondřej Kopr
Category:
Password policy
Target version:
Opal (9.4.0)
Start date:
01/21/2019
Due date:
% Done:

0%

Estimated time:
Affected versions:
Owner:

Description

Affected version: 9.3.3

When Enhanced control in password policy for validation is enabled and you we try to change password to "*demo1234", we get Server error.
Error in the log:

java.util.regex.PatternSyntaxException: Dangling meta character '*' near index 6
(?i).**demo1234.*
      ^
        at java.util.regex.Pattern.error(Pattern.java:1957)

Also, if you try to use the password "abecedau1234*" for user "abecedau", the password passes the control, even if username is not enabled in the password.

And if you try to use the password "........", it "matches" all user attributes:

Files

Download all files
password_policy_regex.png (25.2 KB) password_policy_regex.png Alena Peterová, 01/21/2019 12:57 PM
password_policy_enhanced_control.png (38.4 KB) password_policy_enhanced_control.png Alena Peterová, 01/21/2019 12:57 PM

Related issues

Related to IdStory Identity Manager - Defect #1407: Control of personal attributes in password policy doesn't workClosedOndřej Kopr12/07/2018

Actions
Actions
Copy link

Also available in: Atom PDF