Re: [keycloak-user] Multiple password policies
No, neither of the things you mentioned is available OOTB.
I wonder that we may need something like FilterPasswordPolicy, which
will allow to configure child/delegate password policy and the filter
(for example with usage of the scripting engine like our
ScriptBasedAuthenticator is using)? The filter may allow you to specify
for example that:
- User in role "admin" must have password of at least 10 characters
- User, who is not in the role "admin" must have password of at least 7
characters
etc.
Fact is, that it's not available OOTB at this moment. You may either try
to create some custom PasswordPolicyProvider(s) by yourself. Or you can
try to contribute something generic (like the FilterPasswordPolicy
provider I mentioned above) and contribute to Keycloak?
Marek
On 17/08/18 12:32, Jamie McDowell wrote:
Hi,
Further to my email below can you have a password policy assigned to a realm role?
Regards,
Jamie
On Thursday, 16 August 2018, 15:32:22 BST, Jamie McDowell
<jambo_mcd(a)yahoo.co.uk> wrote:
Hi,
Can you have multiple password policies on the same realm where you are using an LDAP
instance (Federated)
We have Keycloak set up federating to an OpenLDAP server. On the LDAP server we have 2
OU's, 1 for users and the other for service accounts - Both of these need to have
different passwords such as length and complexity.
We have the password policy defined on the OpenLDAP. Can Keycloak have multiple
policies?
Has anyone configured this before or can suggest alternatives?
Regards,
Jamie
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user