Log Message: |
A slightly modified patch from Sumit Pandit for "Additional Validation for Password : Make password pattern driven" https://issues.apache.org/jira/browse/OFBIZ-4958
Provides an additional validation for password with following capability to the system:
Admin can enable/disable pattern based password capability of system. Configuration will reside in security.property file.
To enable : security.login.password.pattern.enable=true
To disable: security.login.password.pattern.enable=false
Admin is flexible to provide his pattern string by making pattern more/less restrictive as per system requirement. Configuration will reside in security.property file.
Example: security.login.password.pattern=^.*(?=. {5,})(?=.[a-zA-Z])(?=.[!@#$%^&*]).*$
Admin can provide custom error message string which will display to end user if wrong password is entered. Configuration will reside in security.properity file.
jleroux: I quickly handled the error message localisation for the OOTB case. It's more complicated when the pattern gets complex...
|