[keycloak-dev] [KEYCLOAK-4052] implementation
Stian Thorgersen
sthorger at redhat.com
Fri Sep 15 03:11:03 EDT 2017
* There needs to be a config option whether or not the password policy
should be considered or not
* Before trying the password policy you need to check if the credential
being update is indeed a password and not a different type
* Tests need to be added (update password success, update password rejected
due to policy, with/without config password policy check on, updating
different types of credentials doesn't break, etc.)
On 15 September 2017 at 08:36, Cédric Couralet <cedric.couralet at gmail.com>
wrote:
> Hi,
>
> This place is surely better than a comment in JIRA. I really need this
> issue to be resolved. I tried a fistr patch quickly, which was
> rejected[1], but is it possible to verify the credential type befoer
> the password policy check in UserCredentialStoreManager.java or is it
> the wrong direction?
>
> [1]: https://github.com/keycloak/keycloak/pull/4364/files
>
>
> Regards,
>
> --
>
> Cédric Couralet
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list