Module io.inverno.mod.security
Class SimplePasswordPolicy<A extends LoginCredentials>
java.lang.Object
io.inverno.mod.security.authentication.password.SimplePasswordPolicy<A>
- Type Parameters:
A- the login credentials type
- All Implemented Interfaces:
PasswordPolicy<A,SimplePasswordPolicy.SimplePasswordStrength>
public class SimplePasswordPolicy<A extends LoginCredentials>
extends Object
implements PasswordPolicy<A,SimplePasswordPolicy.SimplePasswordStrength>
A simple password policy that simply checks for password's length.
Following latest NIST Digital Identity Guidelines Section 5.1.1.2, a password should be at least 8 characters and at most 64 characters long. Please refer to these guidelines in order to build more robust password policies (dictionary words, repetitive or sequential characters, context-specific words...).
- Since:
- 1.5
- Author:
- Jeremy Kuhn
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic classA simple password strength implementation.Nested classes/interfaces inherited from interface io.inverno.mod.security.authentication.password.PasswordPolicy
PasswordPolicy.PasswordStrength -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final intThe default maximum password length.static final intThe default minimum password length. -
Constructor Summary
ConstructorsConstructorDescriptionCreates a default simple password policy.SimplePasswordPolicy(int minimumPasswordLength, int maximumPasswordLength) Creates a simple password policy with the specified password lengths. -
Method Summary
Modifier and TypeMethodDescriptionintReturns the maximum password length.intReturns the minimum password length.Verifies that the specified raw password complies with the policy.
-
Field Details
-
DEFAULT_MINIMUM_PASSWORD_LENGTH
public static final int DEFAULT_MINIMUM_PASSWORD_LENGTHThe default minimum password length.- See Also:
-
DEFAULT_MAXIMUM_PASSWORD_LENGTH
public static final int DEFAULT_MAXIMUM_PASSWORD_LENGTHThe default maximum password length.- See Also:
-
-
Constructor Details
-
SimplePasswordPolicy
public SimplePasswordPolicy()Creates a default simple password policy.
-
SimplePasswordPolicy
public SimplePasswordPolicy(int minimumPasswordLength, int maximumPasswordLength) throws IllegalArgumentException Creates a simple password policy with the specified password lengths.
- Parameters:
minimumPasswordLength- the minimum password lengthmaximumPasswordLength- the maximum password length- Throws:
IllegalArgumentException- if specified parameters are incorrect
-
-
Method Details
-
verify
public SimplePasswordPolicy.SimplePasswordStrength verify(A credentials, String rawPassword) throws PasswordPolicyException Description copied from interface:PasswordPolicyVerifies that the specified raw password complies with the policy.
- Specified by:
verifyin interfacePasswordPolicy<A extends LoginCredentials,SimplePasswordPolicy.SimplePasswordStrength> - Parameters:
credentials- the current user credentials for which the password should be definedrawPassword- the raw password to check- Returns:
- a password strength
- Throws:
PasswordPolicyException- if the specified password does not comply with the password policy
-
getMinimumPasswordLength
public int getMinimumPasswordLength()Returns the minimum password length.
- Returns:
- the minimum password length
-
getMaximumPasswordLength
public int getMaximumPasswordLength()Returns the maximum password length.
- Returns:
- the minimum password length
-