Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-52377

Certain password regex used in Crowd causes Confluence unable to create users

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Low
    • None
    • 5.10.4, 5.10.7
    • User - Management
    • None

    Description

      Summary

      Using certain password regex in Crowd causes Confluence admins unable to create new users.

      Environment

      • Confluence connected to Atlassian Crowd
      • Crowd version replicated with 2.11.2

      Steps to Reproduce

      1. Have Confluence connected to Crowd. Set the connection as Read and Write. Make sure that synchronizations are successful and users are able to log in.
      2. Use Crowd's internal directory to be connected to Confluence.
      3. Set the following as [password regex|https://confluence.atlassian.com/crowd/configuring-an-internal-directory-18579551.html] for that user directory: 
        (?=.*[A-Z])
      4. Go to Confluence, make sure that Confluence has Mail server.
      5. Make sure that Crowd user directory listed on the highest User Directory hierarchy
      6. Go to Confluence Admin > Users > Add users > make sure that "Send an email to the user you have just created, which will allow them to set up their password." has been ticked
      7. Create a user this way

      Expected Results

      User is created, email is sent

      Actual Results

      User is not created


      With the following error popped up:

      Failed to create the user 'testuser'. Check your server logs for more information.

      Below is seen in atlassian-confluence.log

      2017-05-08 21:35:47,971 ERROR [http-nio-15104-exec-1] [confluence.user.actions.CreateUserAction] execute Failed to create user: testuser
 -- referer: http://localhost:15104/admin/users/createuser.action | url: /admin/users/docreateuser.action | traceId: 2563956fe6569a49 | userName: admin | action: docreateuser
com.atlassian.core.exception.InfrastructureException: com.atlassian.user.security.authentication.InvalidPasswordException: com.atlassian.crowd.exception.InvalidCredentialException: The new password does not meet the directory complexity requirements: The string must contain at least 1 uppercase alphabetical character

      Notes

      • Currently, the only password regex that's observed to have this issue is 
        (?=.*[A-Z])
      • There is a variant of this issue in Jira Server: https://jira.atlassian.com/browse/JRASERVER-69642
      • This Password regex is presents no problem when creating users without the "Send an email to the user you have just created, which will allow them to set up their password." ticked. Provided that the password set complies to the regex.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-69642 Creating a user in Jira with password policy enabled in Crowd prevents creation of users

          • Low - Low priority issues
          • Gathering Impact
          mentioned in

          Page Loading...

          Activity

            People

              Unassigned Unassigned
              mkhairuliana Monique Khairuliana (Inactive)
              Votes:
              2 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated: