WSO2IS-5.3.0 Pb with password management

0
votes

I'm migrating my app from wso2is-5.2.0 to wso2is-5.3.0. In user-mngt.xml I have from 5.2.0

<Property name="PasswordJavaRegEx">^[\S]{1,30}$</Property>
<Property name="PasswordJavaScriptRegEx">^[\S]{1,30}$</Property>
<Property name="PasswordJavaRegExViolationErrorMsg">Password length should be within 1 to 30 characters</Property>

In the wso2is-5.3.0 carbon console, I put the same values from Identity Providers > Resident > Password Policies > Password Pattern and restart wso2is, but I still cannot create a user from webservice, getting the following error :

Caused by: org.wso2.carbon.user.core.UserStoreException: Password at least should have 6 characters at org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener.handleEvent(IdentityMgtEventListener.java:626) at org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener.handleEvent(IdentityMgtEventListener.java:585) at org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener.doPreAddUser(IdentityMgtEventListener.java:194) at org.wso2.carbon.user.core.common.AbstractUserStoreManager.addUser(AbstractUserStoreManager.java:1514)

whether I check "Enable Password Policy Feature" or not in the carbon console, my values are not taken into account... Is there a third way (registry ?) to change password policy ?

Regards

1
wso2is

1 Answers

0
votes

You need to set the matching values for Password Policy Min Length (to 1 in your case) and Password Policy Max Length (to 30 in your case) at Resident IdP -> Password Policies -> Password Patterns.

All of the min length, max lengths, and pattern should be matched by the given password to become a valid one.