org.appng.core.security

Class ConfigurablePasswordPolicy

java.lang.Object

org.appng.core.security.ConfigurablePasswordPolicy

All Implemented Interfaces:

PasswordPolicy

public class ConfigurablePasswordPolicy
extends Object
implements PasswordPolicy

A configurable PasswordPolicy using a PasswordValidator.
A multiline platform property named configurablePasswordPolicy can be used for configuration, defaults as shown:

 minLowerCase = 1
 minUppercase = 1
 minDigits = 1
 minSpecialChars = 1
 allowedSpecialChars = !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
 minLength = 8
 maxLength = 255
 useHistory = true
 useUsername = true
 numCharacterGroups = 4
 allowOtherCharacters = false
 allowWhiteSpace = false
 generateLength = 8
 generateLowerCase = 3
 generateUppercase = 3
 generateDigits = 1
 generateSpecialChars = 1
 

Author:

Matthias Müller

Nested Class Summary

Nested classes/interfaces inherited from interface org.appng.api.auth.PasswordPolicy

PasswordPolicy.ValidationResult

Field Summary

Fields inherited from interface org.appng.api.auth.PasswordPolicy

LOWERCASE, NUMBER, PUNCT, UPPERCASE

Constructor Summary

Constructors

Constructor and Description
ConfigurablePasswordPolicy()

Method Summary

Modifier and Type	Method and Description
void	configure(Properties platformProperties) Configures the PasswordPolicy
String	generatePassword() Generates a new random password that matches the requirements and returns it.
String	getErrorMessageKey() Returns the message-key of an errormessage for the case that the password doesn't match the requirements.
org.passay.PasswordValidator	getValidator()
boolean	isValidPassword(char[] password) Checks whether the given character-sequence is a valid password.
PasswordPolicy.ValidationResult	validatePassword(String username, char[] currentPassword, char[] password) Validates the password an returns a PasswordPolicy.ValidationResult

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ConfigurablePasswordPolicy

public ConfigurablePasswordPolicy()

Method Detail

configure

public void configure(Properties platformProperties)

Description copied from interface: PasswordPolicy

Configures the PasswordPolicy

Specified by:

configure in interface PasswordPolicy

Parameters:

platformProperties - the platform's Properties

isValidPassword

public boolean isValidPassword(char[] password)

Description copied from interface: PasswordPolicy

Checks whether the given character-sequence is a valid password.

Specified by:

isValidPassword in interface PasswordPolicy

Parameters:

password - the character-sequence sequence to check

Returns:

true if the character-sequence is a valid password, false otherwise

validatePassword

public PasswordPolicy.ValidationResult validatePassword(String username,
                                                        char[] currentPassword,
                                                        char[] password)

Description copied from interface: PasswordPolicy

Validates the password an returns a PasswordPolicy.ValidationResult

Specified by:

validatePassword in interface PasswordPolicy

Parameters:

username - the username (can be null)

currentPassword - the current password (can be null)

password - the new password (must not be null)

Returns:

the validation result

getErrorMessageKey

public String getErrorMessageKey()

Description copied from interface: PasswordPolicy

Returns the message-key of an errormessage for the case that the password doesn't match the requirements.

Specified by:

getErrorMessageKey in interface PasswordPolicy

Returns:

the message key

generatePassword

public String generatePassword()

Description copied from interface: PasswordPolicy

Generates a new random password that matches the requirements and returns it.

Specified by:

generatePassword in interface PasswordPolicy

Returns:

the randomly generated password

getValidator

public org.passay.PasswordValidator getValidator()