SiteMinder Basic Password Service using regex pattern
Article ID: 273957
Updated On:
Products
Issue/Introduction
This is to provide more detail on how to use regex for password policy patterns.
Environment
Release : 12.8.x
Resolution
Following is a sample pattern and Policy Server will perform regex pattern matching to evaluate the new password.
If the pattern match then new password is accepted.
Regex used is "(pass)[0-9]$"
You don't really have to specify "it begins with" and use "^".
In the above sample, the new password must be starting with pass and a single digit and nothing else after that.
"pass1" would match as well as "pass9".
It would not match "pass11" nor "pass1a".
If the pattern matched, you will get the following screen but nothing meaningful in the smtracedefault.log.
| [09/22/2023][17:14:54.977][6028][29828][][SmPasswordCheck.cpp:2133][CSmPasswordCheck::ValidateNewPassword][][][][][][][][Validating the new password...][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][] |
If the pattern did not match, you will get the following screen.
And following message will be reported in the smtracedefault.log
| [09/22/2023][16:39:31.346][6028][28048][][SmPasswordCheck.cpp:2347][CSmPasswordCheck::ValidateNewPassword][][][][][][][][Invalid password: RegExpr Match-ing failed][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][] |
There are some other regex samples in documentation.
* New password must start with a letter(upper or lower case).
[a-zA-Z].*
If you do not want any trailing digits in the new password you can use the following regex and select "Must Not Match"
.*[0-9]$
Feedback
