Class PasswordValidationAction

  • All Implemented Interfaces:
    AuthorizableAction

    public class PasswordValidationAction
    extends AbstractAuthorizableAction
    PasswordValidationAction provides a simple password validation mechanism with the following configurable option:
    • constraint: a regular expression that can be compiled to a Pattern defining validation rules for a password.

    The password validation is executed on user creation and upon password change. It throws a ConstraintViolationException if the password validation fails.

    Example configuration:

        <UserManager class="org.apache.jackrabbit.core.security.user.UserPerWorkspaceUserManager">
           <AuthorizableAction class="org.apache.jackrabbit.core.security.user.action.PasswordValidationAction">
              <!--
              password length must be at least 8 chars and it must contain at least
              one upper and one lowercase ASCII character.
              -->
              <param name="constraint" value="^.*(?=.{8,})(?=.*[a-z])(?=.*[A-Z]).*"/>
           </AuthorizableAction>
        </UserManager>
     
    See Also:
    UserManager.createUser(String, String), User.changePassword(String), User.changePassword(String, String)