When we try to create a user in Adobe Experience Manager(AEM), then we receive below password violation error message. This message is not user friendly and because of that we keep struggling to set new password.
Here is the description of this exception; what does it means and what kind of password AEM is expecting from user.ERROR javax.jcr.nodetype.ConstraintViolationException: Password violates password constraint ((?=.*\d.*)(?=.*[a-z].*)(?=.*[A-Z].*)(?=.*[@#%\*\-+=~\[\]{}<>\?].*).{12,}).
Description:
Your password should be minimum 12 characters, and should have at least one block letter, one small letter, one digit and one special character.
- One special character !@$%
- One digit 0-9
- One small and block letter a-z A-Z
- Minimum characters 12
You may also face this issue while migrating the users and groups. Please refer this document for resolution. https://helpx.adobe.com/in/experience-manager/kb/OakConstraint0027-error-when-migrating-users-and-groups-in-AEM.html
We also face issue while creating the user using useradmin console of AEM and didn't put the right password which matches the above regex. We submit the form of user creation and didn,t see any error message, and then we thought user has been successfully created in the system. But when we search that newly created user then we didn't find that user in system. This is all because the password which we have set for user is not valid, hence system rejected that user.
How to enable/disable or change the constraint?
In AEM config manager we have a configuration which helps us to enable or disable this service and also change the password constraint(regex). Below is the screenshot and detail of available options.
Configuration name: Apache Jackrabbit Oak AuthorizableActionProvider
Configure PasswordValidationAction/Password Constraint: A regular expression specifying the pattern that must be matched by a user's password.
How to create a new regex?
You may use any online tool to generate the regex pattern of password which you want to sent in the AEM users password policy and constraint. e.g. https://regex101.com/