-
Notifications
You must be signed in to change notification settings - Fork 556
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Keycloak] Customizable Password Error Validator #1265
Comments
@kenjikikuchi Can you submit a PR? |
Thank you for the opportunity to contribute to saml2aws! On it! |
@mapkon PR was sent. Please take a look. Thank you. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello awesome team and contributors,
Thank you for developing and maintaining saml2aws! I have a minor request for the Keycloak module.
Request
Could you please add 2 new parameters below to handle non-English authentication error messages in the Keycloak passwordValid() function? They should keep the current hardcoded values as their default, and only non-English system users will tweak the new parameters in ~/.saml2aws.
Background
Since I use Japanese authentication systems, I get Japanese error messages when I mistype my password. However, the current
passwordValid() function only checks the English message hardcoded in the function. The passwordValid() function returns "true" for any non-English authentication error messages, and then the doAuthenticate() function enters into recursive loops and keeps authenticating with the wrong password I mistyped.
My repeated error requests were mistaken for a DoS attack before.
Related Issue
• #948
Please take a look at this issue. Thank you.
The text was updated successfully, but these errors were encountered: