Package org.keycloak.policy
Class DenylistPasswordPolicyProvider
java.lang.Object
org.keycloak.policy.DenylistPasswordPolicyProvider
- All Implemented Interfaces:
PasswordPolicyProvider,Provider
Checks a password against a configured password denylist.
- Author:
- Thomas Darimont
-
Field Summary
FieldsFields inherited from interface org.keycloak.policy.PasswordPolicyProvider
INT_CONFIG_TYPE, STRING_CONFIG_TYPE -
Constructor Summary
ConstructorsConstructorDescriptionDenylistPasswordPolicyProvider(KeycloakContext context, DenylistPasswordPolicyProviderFactory factory) -
Method Summary
Modifier and TypeMethodDescriptionvoidclose()parseConfig(String denylistName) Parses the allowed configuration for aDenylistPasswordPolicyProvider.Checks whether the provided password is contained in the configured blacklist.validate(RealmModel realm, UserModel user, String password) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.keycloak.policy.PasswordPolicyProvider
parseInteger
-
Field Details
-
ERROR_MESSAGE
- See Also:
-
-
Constructor Details
-
DenylistPasswordPolicyProvider
public DenylistPasswordPolicyProvider(KeycloakContext context, DenylistPasswordPolicyProviderFactory factory)
-
-
Method Details
-
validate
Checks whether the provided password is contained in the configured blacklist.- Specified by:
validatein interfacePasswordPolicyProvider- Parameters:
username-password-- Returns:
- null if the password is not blacklisted otherwise a
PolicyError
-
validate
- Specified by:
validatein interfacePasswordPolicyProvider
-
parseConfig
Parses the allowed configuration for aDenylistPasswordPolicyProvider. Supported syntax is {@¢ode passwordBlacklist(fileName)} Example configurations:passwordBlacklist(test-password-blacklist.txt)
- Specified by:
parseConfigin interfacePasswordPolicyProvider- Parameters:
denylistName-- Returns:
-
close
public void close()
-