Re: [PR] [SYNCOPE-1979] check also for not permitted words and schemas as substrings in default password rule [syncope]

via GitHub Mon, 22 Jun 2026 08:25:13 -0700


andrea-patricelli commented on code in PR #1432:
URL: https://github.com/apache/syncope/pull/1432#discussion_r3453443486



##########
core/spring/src/main/java/org/apache/syncope/core/spring/policy/DefaultPasswordRule.java:
##########
@@ -89,8 +89,8 @@ public void setConf(final PasswordRuleConf conf) {
     protected void enforce(final String username, final String clearPassword, 
final Collection<String> notPermitted) {
         List<Rule> rules = PasswordGenerator.conf2Rules(conf);
         if (!notPermitted.isEmpty()) {
-            rules.add(new DictionaryRule(new WordListDictionary(new 
ArrayWordList(
-                    
notPermitted.stream().distinct().sorted(Comparator.naturalOrder()).toArray(String[]::new),
 true)),
+            rules.add(new DictionarySubstringRule(new WordListDictionary(new 
ArrayWordList(
+                    
notPermitted.stream().distinct().sorted(Comparator.naturalOrder()).toArray(String[]::new),
 false)),

Review Comment:
   I assumed that case sensitivity was not so useful on password check, going 
to add the flag.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [PR] [SYNCOPE-1979] check also for not permitted words and schemas as substrings in default password rule [syncope]

Reply via email to