Add validation for password in overlord commons installer --------------------------------------------------------- Key: SRAMP-384 URL: https://issues.jboss.org/browse/SRAMP-384 Project: S-RAMP Issue Type: Bug Security Level: Public(Everyone can see) Reporter: Eric Wittmann Assignee: David virgil naranjo Fix For: 0.5.0 - API Management Currently the overlord commons installer is responsible for doing all security related work. This includes creating the overlord 'admin' user and configured a password for this user. The installer prompts the user for this password and then passes whatever the user entered to the JBoss EAP add-user utility. This utility will fail if the password does not meet certain standards. However, the utility fails without failing the overall install. The installer should do its own validation of the password entered by the user so that this silent failure doesn't happen. Also note that the password input and validation should happen before anything else security related gets installed.