public class PasswordValidationAction extends AbstractAuthorizableAction
PasswordValidationAction
provides a simple password validation
mechanism with the following configurable option:
Pattern
defining validation rules for a password.
The password validation is executed on user creation and upon password
change. It throws a ConstraintViolationException
if the password
validation fails.
Example configuration:
<UserManager class="org.apache.jackrabbit.core.security.user.UserPerWorkspaceUserManager"> <AuthorizableAction class="org.apache.jackrabbit.core.security.user.action.PasswordValidationAction"> <!-- password length must be at least 8 chars and it must contain at least one upper and one lowercase ASCII character. --> <param name="constraint" value="^.*(?=.{8,})(?=.*[a-z])(?=.*[A-Z]).*"/> </AuthorizableAction> </UserManager>
UserManager.createUser(String, String)
,
User.changePassword(String)
,
User.changePassword(String, String)
Constructor and Description |
---|
PasswordValidationAction() |
Modifier and Type | Method and Description |
---|---|
void |
onCreate(org.apache.jackrabbit.api.security.user.User user,
String password,
Session session)
Doesn't perform any action.
|
void |
onPasswordChange(org.apache.jackrabbit.api.security.user.User user,
String newPassword,
Session session)
Doesn't perform any action.
|
void |
setConstraint(String constraint)
Set the password constraint.
|
onCreate, onRemove
public void onCreate(org.apache.jackrabbit.api.security.user.User user, String password, Session session) throws RepositoryException
AbstractAuthorizableAction
onCreate
in interface AuthorizableAction
onCreate
in class AbstractAuthorizableAction
user
- The new user that has not yet been persisted;
e.g. the associated node is still 'NEW'.password
- The password that was specified upon user creation.session
- The editing session associated with the user manager.RepositoryException
- If an error occurs.AuthorizableAction.onCreate(org.apache.jackrabbit.api.security.user.User, String, javax.jcr.Session)
public void onPasswordChange(org.apache.jackrabbit.api.security.user.User user, String newPassword, Session session) throws RepositoryException
AbstractAuthorizableAction
onPasswordChange
in interface AuthorizableAction
onPasswordChange
in class AbstractAuthorizableAction
user
- The user that whose password is going to change.newPassword
- The new password as specified in User.changePassword(java.lang.String)
session
- The editing session associated with the user manager.RepositoryException
- If an exception or error occurs.AuthorizableAction.onPasswordChange(org.apache.jackrabbit.api.security.user.User, String, javax.jcr.Session)
public void setConstraint(String constraint)
constraint
- A regular expression that can be used to validate a new password.Copyright © 2004–2024 The Apache Software Foundation. All rights reserved.