Password policy : Password can have part of user name in different cases

Hi,

I have added the password policy but after that I tried to authenticate the policy. It’s not working well in some conditions.

As per the policy => Not username: The password cannot be the same as the username.
https://github.com/keycloak/keycloak-documentation/blob/main/server_admin/topics/authentication/password-policies.adoc

Password policy states it shouldn’t contain a part of user name. However, it allows user name in different case.

For example: if the tenant user is → roger123@yopmail.com

Then we cannot set password with a part of user name → roger

But if we change the case of it, it allows us to set the password → Roger, ROGER

Is it a bug, or did I misunderstand the policy?

Please share your views on it.

Thank you

The policy checks for a case-sensitive match:

If you want it to work differently, you can implement your own provider.
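For illustration, here is what such a custom provider could look like, written against Keycloak's PasswordPolicyProvider SPI. This is an added example, not Keycloak's own code or anything posted in the thread; the package name, class names, the policy id `notUsernameIgnoreCase` and the reuse of the built-in message key are assumptions. It rejects a password that equals the username when compared case-insensitively, so "roger123@yopmail.com" and "ROGER123@yopmail.com" are both refused.

```java
package com.example.keycloak.policy; // assumed package

import java.util.Locale;
import org.keycloak.Config;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.policy.PasswordPolicyProvider;
import org.keycloak.policy.PasswordPolicyProviderFactory;
import org.keycloak.policy.PolicyError;

// Register by listing this class in
// META-INF/services/org.keycloak.policy.PasswordPolicyProviderFactory,
// then add the policy "notUsernameIgnoreCase" (assumed id) to the realm.
public class NotUsernameIgnoreCasePolicyProviderFactory implements PasswordPolicyProviderFactory {
    public static final String ID = "notUsernameIgnoreCase";

    @Override public String getId() { return ID; }
    @Override public String getDisplayName() { return "Not Username (ignore case)"; }
    @Override public String getConfigType() { return null; } // policy takes no value
    @Override public String getDefaultConfigValue() { return null; }
    @Override public boolean isMultiplSupported() { return false; }
    @Override public void init(Config.Scope config) { }
    @Override public void postInit(KeycloakSessionFactory factory) { }
    @Override public void close() { }
    @Override public PasswordPolicyProvider create(KeycloakSession session) { return new Provider(); }

    /** Rejects a password equal to the username regardless of letter case. */
    static class Provider implements PasswordPolicyProvider {
        // Reusing the built-in message key is an assumption; any i18n key works.
        static final String ERROR_MESSAGE = "invalidPasswordNotUsernameMessage";
        @Override
        public PolicyError validate(String username, String password) {
            if (username == null || password == null) return null;
            // Locale.ROOT gives case folding independent of the server locale
            boolean same = username.toLowerCase(Locale.ROOT)
                    .equals(password.toLowerCase(Locale.ROOT));
            return same ? new PolicyError(ERROR_MESSAGE) : null;
        }

        @Override
        public PolicyError validate(RealmModel realm, UserModel user, String password) {
            return validate(user.getUsername(), password);
        }

        @Override public Object parseConfig(String value) { return null; }
        @Override public void close() { }
    }
}
```

The documented built-in policy only compares the full username with the password; this example keeps that scope and changes only the case handling.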