/** * Checks the password quality of a new password. Password must have at least n characters and at minimum one letter * and one non-letter character. * * @return null if password quality is OK, otherwise the i18n message key of the password check failure. */ @Override public List<I18nKeyAndParams> checkPasswordQuality(final String password) { return this.validate(password, null, false); }
private List<I18nKeyAndParams> validate(final String newPassword, final String oldPassword, final boolean checkOldPassword) { final List<I18nKeyAndParams> result = new ArrayList<>(); // check min length final int minPasswordLength = configurationService.getMinPasswordLength(); if (newPassword == null || newPassword.length() < minPasswordLength) { result.add(new I18nKeyAndParams(MESSAGE_KEY_PASSWORD_MIN_LENGTH_ERROR, configurationService.getMinPasswordLength())); if (newPassword == null) { return result; } } // check for character and none character checkForCharsInPassword(newPassword, result); // stop here if only the new password is validated if (checkOldPassword == false) { return result; } // compare old and new password if (configurationService.getFlagCheckPasswordChange() && StringUtils.equals(oldPassword, newPassword)) { result.add(new I18nKeyAndParams(MESSAGE_KEY_PASSWORD_OLD_EQ_NEW_ERROR)); } return result; }
List<I18nKeyAndParams> passwordQualityMessages = passwordQualityService.checkPasswordQuality(STRONGOLDPW, null); assertTrue("Empty password not allowed.", passwordQualityMessages.contains(new I18nKeyAndParams(MESSAGE_KEY_PASSWORD_MIN_LENGTH_ERROR, 10))); passwordQualityMessages = passwordQualityService.checkPasswordQuality(STRONGOLDPW, ""); assertTrue("Empty password not allowed.", passwordQualityMessages.contains(new I18nKeyAndParams(MESSAGE_KEY_PASSWORD_MIN_LENGTH_ERROR, 10))); passwordQualityMessages = passwordQualityService.checkPasswordQuality(STRONGOLDPW, "abcd12345"); assertTrue("Password with less than " + "10" + " characters not allowed.", passwordQualityMessages.contains(new I18nKeyAndParams(MESSAGE_KEY_PASSWORD_MIN_LENGTH_ERROR, 10))); passwordQualityMessages = passwordQualityService.checkPasswordQuality(STRONGOLDPW, "ProjectForge"); assertTrue("Password must have one non letter at minimum.", passwordQualityMessages.contains(new I18nKeyAndParams(MESSAGE_KEY_PASSWORD_NONCHAR_ERROR))); passwordQualityMessages = passwordQualityService.checkPasswordQuality(STRONGOLDPW, "1234567890"); assertTrue("Password must have one non letter at minimum.", passwordQualityMessages.contains(new I18nKeyAndParams(MESSAGE_KEY_PASSWORD_CHARACTER_ERROR))); passwordQualityMessages = passwordQualityService.checkPasswordQuality(STRONGOLDPW, "12345678901"); assertTrue("Password must have one non letter at minimum.", passwordQualityMessages.contains(new I18nKeyAndParams(MESSAGE_KEY_PASSWORD_CHARACTER_ERROR))); passwordQualityMessages = passwordQualityService.checkPasswordQuality(STRONGOLDPW, STRONGOLDPW); assertTrue("Password must New password should not be the same as the old one.", passwordQualityMessages.contains(new I18nKeyAndParams(MESSAGE_KEY_PASSWORD_OLD_EQ_NEW_ERROR)));
final List<I18nKeyAndParams> errorMsgKeys = passwordQualityService.checkPasswordQuality(passwordInput); if (errorMsgKeys.isEmpty() == false) { for (I18nKeyAndParams errorMsgKey : errorMsgKeys) { fs.add(passwordField); fs.add(passwordRepeatField); final I18nKeyAndParams passwordQualityI18nKeyAndParams = passwordQualityService.getPasswordQualityI18nKeyAndParams(); fs.addHelpIcon(I18nHelper.getLocalizedMessage(passwordQualityI18nKeyAndParams));
/** * Changes the user's WLAN password. Checks the password quality and the correct authentication for the login password before. * * @param user * @param loginPassword * @param newWlanPassword * @return Error message key if any check failed or null, if successfully changed. */ @Override @Transactional(readOnly = false, propagation = Propagation.REQUIRED) public List<I18nKeyAndParams> changeWlanPassword(PFUserDO user, final String loginPassword, final String newWlanPassword) { Validate.notNull(user); Validate.notNull(loginPassword); Validate.notNull(newWlanPassword); final List<I18nKeyAndParams> errorMsgKeys = passwordQualityService.checkPasswordQuality(newWlanPassword); if (errorMsgKeys.isEmpty() == false) { return errorMsgKeys; } accessChecker.checkRestrictedOrDemoUser(); user = getUser(user.getUsername(), loginPassword, false); // get user from DB to persist the change of the wlan password time if (user == null) { return Collections.singletonList(new I18nKeyAndParams(MESSAGE_KEY_LOGIN_PASSWORD_WRONG)); } onWlanPasswordChange(user, true); // set last change time and creaty history entry Login.getInstance().wlanPasswordChanged(user, newWlanPassword); // change the wlan password log.info("WLAN Password changed for user: " + user.getId() + " - " + user.getUsername()); return Collections.emptyList(); }
final List<I18nKeyAndParams> errorMsgKeys = passwordQualityService.checkPasswordQuality(passwordInput); if (errorMsgKeys.isEmpty() == false) { for (I18nKeyAndParams errorMsgKey : errorMsgKeys) { fs.add(passwordField); fs.add(passwordRepeatField); final I18nKeyAndParams passwordQualityI18nKeyAndParams = passwordQualityService.getPasswordQualityI18nKeyAndParams(); fs.addHelpIcon(I18nHelper.getLocalizedMessage(passwordQualityI18nKeyAndParams));
/** * Checks the password quality of a new password change is required. Password must have at least n characters and at minimum one letter * and one non-letter character. * * @param newPassword * @return null if password quality is OK, otherwise the i18n message key of the password check failure. */ @Override public List<I18nKeyAndParams> checkPasswordQuality(final String oldPassword, final String newPassword) { return validate(newPassword, oldPassword, true); }
Validate.notNull(newPassword); final List<I18nKeyAndParams> errorMsgKeys = passwordQualityService.checkPasswordQuality(oldPassword, newPassword); if (errorMsgKeys.isEmpty() == false) { return errorMsgKeys;
final List<I18nKeyAndParams> errorMsgKeys = passwordQualityService.checkPasswordQuality(passwordInput); if (errorMsgKeys.isEmpty() == false) { adminUser.setPassword(null);