%line | %branch | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
org.apache.jetspeed.security.spi.impl.DefaultCredentialPasswordValidator |
|
|
1 | /* |
|
2 | * Licensed to the Apache Software Foundation (ASF) under one or more |
|
3 | * contributor license agreements. See the NOTICE file distributed with |
|
4 | * this work for additional information regarding copyright ownership. |
|
5 | * The ASF licenses this file to You under the Apache License, Version 2.0 |
|
6 | * (the "License"); you may not use this file except in compliance with |
|
7 | * the License. You may obtain a copy of the License at |
|
8 | * |
|
9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
10 | * |
|
11 | * Unless required by applicable law or agreed to in writing, software |
|
12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
14 | * See the License for the specific language governing permissions and |
|
15 | * limitations under the License. |
|
16 | */ |
|
17 | package org.apache.jetspeed.security.spi.impl; |
|
18 | ||
19 | import java.util.regex.Matcher; |
|
20 | import java.util.regex.Pattern; |
|
21 | ||
22 | import org.apache.jetspeed.security.InvalidPasswordException; |
|
23 | import org.apache.jetspeed.security.SecurityException; |
|
24 | import org.apache.jetspeed.security.spi.CredentialPasswordValidator; |
|
25 | ||
26 | /** |
|
27 | * <p> |
|
28 | * DefaultCredentialPasswordValidator |
|
29 | * </p> |
|
30 | * |
|
31 | * @author <a href="mailto:ate@apache.org">Ate Douma</a> |
|
32 | * @version $Id: DefaultCredentialPasswordValidator.java 601032 2007-12-04 18:45:55Z taylor $ |
|
33 | */ |
|
34 | public class DefaultCredentialPasswordValidator implements CredentialPasswordValidator |
|
35 | { |
|
36 | private String passwordPattern; |
|
37 | 0 | private boolean strictPassword = false; |
38 | /* Example: |
|
39 | * Must be at least 6 characters |
|
40 | * Must contain at least one one lower case letter, one upper case letter, one digit and one special character |
|
41 | * Valid special characters are @#$%^&+= |
|
42 | */ |
|
43 | private final static String defaultPasswordPattern = "[^.*(?=.{6,})(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=]).*$]"; |
|
44 | ||
45 | public DefaultCredentialPasswordValidator(String passwordPattern) |
|
46 | 0 | { |
47 | 0 | this.passwordPattern = passwordPattern; |
48 | 0 | this.strictPassword = true; |
49 | 0 | } |
50 | public DefaultCredentialPasswordValidator() |
|
51 | 0 | { |
52 | 0 | strictPassword = false; |
53 | 0 | } |
54 | ||
55 | /** |
|
56 | * @see org.apache.jetspeed.security.spi.CredentialPasswordValidator#validate(java.lang.String) |
|
57 | */ |
|
58 | public void validate(String clearTextPassword) throws SecurityException |
|
59 | { |
|
60 | 0 | if (strictPassword) |
61 | { |
|
62 | 0 | Pattern p = Pattern.compile(passwordPattern); |
63 | //Match the given string with the pattern |
|
64 | 0 | Matcher m = p.matcher(clearTextPassword); |
65 | 0 | if(!m.matches()) |
66 | 0 | throw new InvalidPasswordException(); |
67 | 0 | } |
68 | else |
|
69 | { |
|
70 | 0 | if ( clearTextPassword == null || clearTextPassword.length() == 0) |
71 | 0 | throw new InvalidPasswordException(); |
72 | } |
|
73 | ||
74 | 0 | } |
75 | } |
This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |