Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-9860

Passwords from blacklist are not matched

    Details

    • Type: Bug
    • Status: Triage (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 4.5.0.Final, 4.8.3.Final
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Environment:

      Docker images from jboss/keycloak.$version

    • Steps to Reproduce:
      Hide

      1, create blacklist folder - in my case /opt/jboss/keycloak/standalone/data/password-blacklists
      2, create file called blacklist.txt with one liner London99
      3, in the realm settings - Authentication - Password policy add Password Blacklist policy with blacklist.txt as Value
      4, change or reset user's password from that particular realm to London99
      5, 'Your password has been updated. '

      Show
      1, create blacklist folder - in my case /opt/jboss/keycloak/standalone/data/password-blacklists 2, create file called blacklist.txt with one liner London99 3, in the realm settings - Authentication - Password policy add Password Blacklist policy with blacklist.txt as Value 4, change or reset user's password from that particular realm to London99 5, 'Your password has been updated. '
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      The passwords from blacklist file are not matched against the passwords users are setting up either during password change in account page or password reset when following the link.

      I thought I do have some weird characters in the file, so I created one line test file, which was correctly applied (otherwise you'll get that error mentioned in https://issues.jboss.org/browse/KEYCLOAK-8065 ), but when I try to change user password, it passes.

      I don't have any error message, any exceptions, nothing...

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  zbysek_mraz Zbyšek MRÁZ
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated: