You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If the steps are configured in this order the authentication fails without any logs,
step 1 - basic authenticator
step 2 - smsotp
step 3 - password policy authenticator
When I analysed the code the password policy authenticator has a logic to execute the only if the last authenticator is a local authenticator[1]. In this case, the smsotp is a federated authenticator that why the authentication failed. I think we should loop for all the previous authenticators and check whether the basic authenticator is in the step.
If the steps are configured in this order the authentication fails without any logs,
step 1 - basic authenticator
step 2 - smsotp
step 3 - password policy authenticator
When I analysed the code the password policy authenticator has a logic to execute the only if the last authenticator is a local authenticator[1]. In this case, the smsotp is a federated authenticator that why the authentication failed. I think we should loop for all the previous authenticators and check whether the basic authenticator is in the step.
[1] - https://github.com/wso2-extensions/identity-outbound-auth-passwordPolicy/blob/v1.0.14/component/authenticator/src/main/java/org/wso2/carbon/identity/policy/password/PasswordResetEnforcer.java#L127-L128
The text was updated successfully, but these errors were encountered: