Uploaded image for project: 'RH-SSO'
  1. RH-SSO
  2. RHSSO-2190

Password policy is not respected during the user creation using Rest API and LDAP

XMLWordPrintable

    • False
    • None
    • False
    • Hide
      1. Configure the LDAP w/ "Sync Registrations" and  "Validate Password Policy" flags ON
      2. Configure the password policy on Authentication tab, for example: Minimum Length  = 8
      3. Use the RH-SSO rest API to create a new user w/ the wrong password, w/ 1 digit for example;
      4. Check the LDAP server, the user is created, and if you sync the users from LDAP to RH-SSO, the user is present.

      The API only returns

       
       

      { "errorMessage": "Password policy not met" }

       

      Show
      Configure the LDAP w/ "Sync Registrations" and  "Validate Password Policy" flags ON Configure the password policy on Authentication tab, for example: Minimum Length  = 8 Use the RH-SSO rest API to create a new user w/ the wrong password, w/ 1 digit for example; Check the LDAP server, the user is created, and if you sync the users from LDAP to RH-SSO, the user is present. The API only returns     { "errorMessage" : "Password policy not met" }  

      Hello team, 

      The customer had found an issue (and I was able to reproduce) that the password policy isn't respected even with the "Validate Password Policy" flag enabled on LDAP configurations. The same validation works if we try to create the user using the RH-SSO new user form, but the user is being created on LDAP (and synced to RHSSO) if the creation is by Rest API.

       

      Thanks

      Pedro Silva

            Unassigned Unassigned
            rhn-support-pesilva Pedro Silva
            Alexandre Dos Santos
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: