Password does not match the password policy requirement.

stonej

unread,

Mar 14, 2022, 7:25:20 PM3/14/22

to CAS Community

Hello All,

I am using CAS 6.5.1 and using the password management add on. It all works fine with picking up the AD password expired setting, but I cannot seem to get a good password.

It asks for 1 lowercase, 1 uppercase, 1 number and 1 special character but no matter what I try i comes up that the password does not match requirements.

Any help ?

Thanks

Łukasz Woźniak

unread,

Mar 15, 2022, 4:33:50 AM3/15/22

to cas-...@apereo.org

You've upgrade or have new fresh version? I've got similar problem but I'm upgrading instance from 6.3.7. And there was change in the template and policyPattern was null, because it was changed to passwordPolicyPattern. Check the template if You override it.

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/7842071e-ad46-420d-b3f1-6fef11247c44n%40apereo.org.

stonej

unread,

Mar 15, 2022, 7:39:12 AM3/15/22

to CAS Community

I did upgrade from 6.5.0 but have updated the policy pattern to :

cas.authn.pm.core.password-policy-pattern=^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]{8,20}

Also having issues with emailing from password management, but may have to log that as a seperate query

Thanks

Vincent Weber

unread,

Aug 24, 2022, 9:07:56 PM8/24/22

to CAS Community, stonej

Hello,

Did you find the solution ?

I have the same problem with this configuration :

cas.authn.pm.core.policy-pattern=^(?=.{12,}$)(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*\W).*$

On CAS 6.5.7.

When I try to reset the password, it is never "OK" with my password, even if it respect the regexp.

Vincent Weber

unread,

Aug 30, 2022, 2:30:59 PM8/30/22

to CAS Community, Vincent Weber, stonej

I respond to myself to help other people in the future.

In passwordMeter.js, policyPattern is used as a string in : var policyPatternRegex = new RegExp(policyPattern);

So we need to double escape the "\", in my case it will be : ^(?=.{12,}$)(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*\\W).*$

(which ultimately isn't the best regexp for passwords, but that's not the point)

Thanks to this post : https://stackoverflow.com/a/6793802

So I think the documentation at https://apereo.github.io/cas/6.5.x/password_management/Password-Management.html should be fix to double the \ in \d.

Reply all

Reply to author

Forward