ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Password Policy Regular Expression

book

Article ID: 212819

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

 

When running a Policy Server, after configuring a Password Policy with
Regular Expression, the Policy Server doesn't change the password and
reports in smaccess.log :

   AuthReject myApp [10/Mar/2021:11:03:45 +0100] "UNKNOWN
   cn=jsmith,dc=training,dc=com"
   "myWebAgent GET /myApp/" []
   [22] osRYswIxU2ObJwqyEeUwXAAAAAEAAAQHAAAAIAAAAAA= [] []

The expression is :

  ^[\x21-\x7EñÑ]{7,20}$

or

  ^[!-~ñÑ]{7,20}$
  
and it could be validated successfully on this site :
  
  https://regexr.com/

with the following password :

  !$CoDe**

The Password Policy is set with this configuration :

      | NO Match | Tag     | Regular Expression |
      |----------+---------+--------------------|
      |          | pwregex | ^[\x21-\x7ExA4xA5] |

  or

      | NO Match | Tag     | Regular Expression        |
      |----------+---------+---------------------------|
      |          | pwregex | ^[\x21-\x7ExA4xA5]{7,20}$ |

 

Resolution

 

Upgrade Policy Server to 12.8SP6 to solve this issue. Make sure also
that the Regular Expression hasn't mixture of ASCII characters with
Hex representation. Use only ASCII or only HEX representation, but not
both mixted.