Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Password Policy export/import failed #29420

Open
1 of 2 tasks
chuklov opened this issue May 9, 2024 · 2 comments
Open
1 of 2 tasks

Password Policy export/import failed #29420

chuklov opened this issue May 9, 2024 · 2 comments
Assignees
@vramik
Labels
area/import-export kind/bug Categorizes a PR related to a bug status/auto-expire status/missing-information team/core-iam

Comments

@chuklov
Copy link

chuklov commented May 9, 2024

Before reporting an issue

  • I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

import-export

Describe the bug

After setting up password policy and exporting this to json, unable to start keycloak with import. Failed with the following:
ERROR: invalidPasswordMinSpecialCharsMessage

The line I have added to json import is the following:
"passwordPolicy": "length(8) and maxLength(64) and specialChars(1) and upperCase(1) and lowerCase(1) and digits(1) and notUsername(undefined) and notEmail(undefined)"

Version

24 and 23

Regression

  • The issue is a regression

Expected behavior

Import works and password policy implemented

Actual behavior

failed to start the server

How to Reproduce?

Run keycloak, create realm, add password policy with minimum chars required, export realm. Make docker compose file and add import file on start.

Anything else?

docker compose file:
keycloak:
image: quay.io/keycloak/keycloak:24.0.4
container_name: keycloak
environment:
KC_HEALTH_ENABLED: true
KC_METRICS_ENABLED: true
KC_DB_VENDOR: POSTGRES
KC_DB_ADDR: postgres
KC_DB_DATABASE: service_keycloak
KC_DB_PORT: 5432
KC_DB_USER: keycloak
KC_DB_PASSWORD: password
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: password
KEYCLOAK_IMPORT: /opt/keycloak/data/import/full-realm-export.json
KC_FEATURES: account-api,account2,account3
volumes:
- ./config/imports:/opt/keycloak/data/import
command:
- "start-dev"
- "-Dkeycloak.migration.action=import"
- "-Dkeycloak.migration.provider=singleFile"
- "-Dkeycloak.migration.strategy=OVERWRITE_EXISTING"
- "-Dkeycloak.migration.file=/opt/keycloak/data/import/full-realm-export.json"
ports:
- 8080:8080
@chuklov chuklov added kind/bug Categorizes a PR related to a bug status/triage labels May 9, 2024
@vramik
Copy link
Contributor

vramik commented May 16, 2024

@chuklov thank you for the report, could you please provide more information about the issue?

  • Did you manually edit the exported file?
  • Did you include users into an export as well?
  • Are there any users violating the policy you've added?

Thanks.

~missing-info

@keycloak-github-bot
Copy link

Thanks for reporting this issue, but there is insufficient information or lack of steps to reproduce.

Please provide additional details, otherwise this issue will be automatically closed within 14 days.

@vramik vramik self-assigned this May 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vramik vramik

Labels
area/import-export kind/bug Categorizes a PR related to a bug status/auto-expire status/missing-information team/core-iam
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@vramik @stianst @chuklov