Class PasswordValidationAction
- java.lang.Object
-
- org.apache.jackrabbit.core.security.user.action.AbstractAuthorizableAction
-
- org.apache.jackrabbit.core.security.user.action.PasswordValidationAction
-
- All Implemented Interfaces:
AuthorizableAction
public class PasswordValidationAction extends AbstractAuthorizableAction
PasswordValidationAction
provides a simple password validation mechanism with the following configurable option:- constraint: a regular expression that can be compiled
to a
Pattern
defining validation rules for a password.
The password validation is executed on user creation and upon password change. It throws a
ConstraintViolationException
if the password validation fails.Example configuration:
<UserManager class="org.apache.jackrabbit.core.security.user.UserPerWorkspaceUserManager"> <AuthorizableAction class="org.apache.jackrabbit.core.security.user.action.PasswordValidationAction"> <!-- password length must be at least 8 chars and it must contain at least one upper and one lowercase ASCII character. --> <param name="constraint" value="^.*(?=.{8,})(?=.*[a-z])(?=.*[A-Z]).*"/> </AuthorizableAction> </UserManager>
-
-
Constructor Summary
Constructors Constructor Description PasswordValidationAction()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
onCreate(User user, String password, Session session)
Doesn't perform any action.void
onPasswordChange(User user, String newPassword, Session session)
Doesn't perform any action.void
setConstraint(String constraint)
Set the password constraint.-
Methods inherited from class org.apache.jackrabbit.core.security.user.action.AbstractAuthorizableAction
onCreate, onRemove
-
-
-
-
Method Detail
-
onCreate
public void onCreate(User user, String password, Session session) throws RepositoryException
Description copied from class:AbstractAuthorizableAction
Doesn't perform any action.- Specified by:
onCreate
in interfaceAuthorizableAction
- Overrides:
onCreate
in classAbstractAuthorizableAction
- Parameters:
user
- The new user that has not yet been persisted; e.g. the associated node is still 'NEW'.password
- The password that was specified upon user creation.session
- The editing session associated with the user manager.- Throws:
RepositoryException
- If an error occurs.- See Also:
AuthorizableAction.onCreate(org.apache.jackrabbit.api.security.user.User, String, javax.jcr.Session)
-
onPasswordChange
public void onPasswordChange(User user, String newPassword, Session session) throws RepositoryException
Description copied from class:AbstractAuthorizableAction
Doesn't perform any action.- Specified by:
onPasswordChange
in interfaceAuthorizableAction
- Overrides:
onPasswordChange
in classAbstractAuthorizableAction
- Parameters:
user
- The user that whose password is going to change.newPassword
- The new password as specified inUser.changePassword(java.lang.String)
session
- The editing session associated with the user manager.- Throws:
RepositoryException
- If an exception or error occurs.- See Also:
AuthorizableAction.onPasswordChange(org.apache.jackrabbit.api.security.user.User, String, javax.jcr.Session)
-
setConstraint
public void setConstraint(String constraint)
Set the password constraint.- Parameters:
constraint
- A regular expression that can be used to validate a new password.
-
-