Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Password policy rules from the old connector are not considered #22108

Open
deshankoswatte opened this issue Dec 24, 2024 · 0 comments
Open

Password policy rules from the old connector are not considered #22108

deshankoswatte opened this issue Dec 24, 2024 · 0 comments
Labels

Comments

@deshankoswatte
Copy link
Member

Description

When the following configuration is added, password policy validation can be performed in a manner compatible with previous versions of WSO2 IS:

[identity_mgt.password_policy.password_policy_validation_handler]  
enable = true

[event.default_listener.validation]  
enable = false

After enabling this configuration, the password policy can be edited by navigating to Password Validation under the Login & Registration tab.

image

However, even with this configuration enabled for password validation, if you navigate to the Users tab and attempt to reset a user's password, the validation rules API (/api/server/v1/validation-rules) is incorrectly used to fetch the password policies. The correct policies should be retrieved from the old connector.

image

This issue should be fixed in the Console UI and any other locations where it occurs.

Steps to Reproduce

  • Add the above-mentioned configuration to the deployment.toml file and restart the server.
  • Set a password validation rule in the console.
  • Try to reset or set a user password (the rules in the validation rules API are used to validate the password).

Version

wso2is-7.0.0

Environment Details (with versions)

  • OS: Mac OS
  • Database: H2
  • Userstore: JDBC
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant