Re: [keycloak-dev] [KEYCLOAK-4052] implementation
* There needs to be a config option whether or not the password policy
should be considered or not
* Before trying the password policy you need to check if the credential
being update is indeed a password and not a different type
* Tests need to be added (update password success, update password rejected
due to policy, with/without config password policy check on, updating
different types of credentials doesn't break, etc.)
On 15 September 2017 at 08:36, Cédric Couralet <cedric.couralet(a)gmail.com>
wrote:
Hi,
This place is surely better than a comment in JIRA. I really need this
issue to be resolved. I tried a fistr patch quickly, which was
rejected[1], but is it possible to verify the credential type befoer
the password policy check in UserCredentialStoreManager.java or is it
the wrong direction?
[1]: https://github.com/keycloak/keycloak/pull/4364/files
Regards,
--
Cédric Couralet
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev