<html><body><div>Hi All,</div><div><br data-mce-bogus="1"></div><div>keycloak does not pass an empty password to the validCredentials method in the UserFederationProvider class.</div><div>Is there a reason for that? I would like to authenticate against an AD even if the password is empty, otherwise the user won't be blocked after x attempts.</div><div><br data-mce-bogus="1"></div><div>Michael</div></body></html>