Custom Password Policy Does Not Enforce "disallow Last Name " Constraint In Name With Spaces

(Doc ID 2147794.1)

Last updated on JUNE 09, 2016

Applies to:

Identity Manager - Version and later
Information in this document applies to any platform.


On : version, Password Policies

If a user has a name such as "Smith Jr" in the last name field, OIM does not prevent the user from using a password containing "Smith" if we have a custom password policy.

In the custom password policy, when the "Disallow Last Name" or "Disallow First Name" check boxes are checked, OIM should reject the password if it contains First Name or Last Name.

The issue can be reproduced at will with the following steps:
1. Open the Default Password Policy in OIM and under the Policy Rules, select "Disallow Last Name" check box.
2. Create a user with first name as "Justin' and Last Name as "Smith Jr" and password as "Smith123".
3. User is created successfully even though the password contains part of the last name. As per the password policy created in step #1 above, it should have been rejected.

The issue has the following business impact:
Due to this issue, we can not stop users from creating passwords with their first or last names.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms