Class PasswordPolicy


  • public class PasswordPolicy
    extends java.lang.Object
    Class used to handle password policies.
    Author:
    Christopher Mindus
    • Method Summary

      Modifier and Type    Method    Description
      boolean    canChangePassword()
      Checks if the password can be changed or not.
      PasswordPolicyResult    check(SessionInfo sessionInfo, java.lang.String password)
      Estimates the password strength; null is returned if the password is OK.
      java.lang.String    check(java.lang.String password)
      Estimates the password strength; null is returned if the password is OK.
      java.lang.String    check(java.lang.String password, java.lang.String suggestionsPrefix)
      Estimates the password strength; null is returned if the password is OK.
      static PasswordPolicy    createAdminPolicyWithAdvancedEntropyChecking()
      Creates a password policy for administrators with its defaults, but with the addition of advanced entropy checking.
      static PasswordPolicy    from(PolicyProps settings)
      Creates the password policy based on pure defaults if the property container is null, otherwise based on those settings.
      static java.lang.String    generateStrongPassword()
      Generates a new strong random password.
      int    getHistoryLength()
      Gets the password history length.
      boolean    mustChangePassword()
      Checks if the password must be changed at next login.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Method Detail

      • from

        public static PasswordPolicy from(PolicyProps settings)
        Creates the password policy based on pure defaults if the property container is null, otherwise based on those settings.
        Parameters:
        settings - The settings property container, or null for defaults.
        Returns:
        The password policy.
      • createAdminPolicyWithAdvancedEntropyChecking

        public static PasswordPolicy createAdminPolicyWithAdvancedEntropyChecking()
        Creates a password policy for administrators with its defaults, but with the addition of advanced entropy checking.
        Returns:
        The password policy.
      • generateStrongPassword

        public static java.lang.String generateStrongPassword()
        Generates a new strong random password.
        Returns:
        The new strong password, at least 10 characters long, meeting all the criteria for a "difficult password" except history for the user's password policy.
      • check

        public java.lang.String check(java.lang.String password)
        Estimates the password strength; null is returned if the password is OK.
        Parameters:
        password - The password to check.
        Returns:
        A potentially localized descriptive string with password problems, potentially with suggestions prefixed by "\n - " strings, or null if the password is OK. Suggestions are only added if the password policy is configured for advanced password entropy checking.
      • check

        public java.lang.String check(java.lang.String password,
                                      java.lang.String suggestionsPrefix)
        Estimates the password strength; null is returned if the password is OK.
        Parameters:
        password - The password to check.
        suggestionsPrefix - String used to prefix any potential suggestions. If null or an empty string, "\n - " will be used.
        Returns:
        A potentially localized descriptive string with password problems, potentially with suggestions prefixed by suggestionsPrefix strings, or null if the password is OK. Suggestions are only added if the password policy is configured for advanced password entropy checking.
      • check

        public PasswordPolicyResult check(SessionInfo sessionInfo,
                                          java.lang.String password)
        Estimates the password strength; null is returned if the password is OK.
        Parameters:
        sessionInfo - The session information.
        password - The password to check.
        Returns:
        A potentially localized descriptive string with password problems, potentially with suggestions prefixed by suggestionsPrefix strings. Suggestions are only added if the password policy is configured for advanced password entropy checking.
      • getHistoryLength

        public int getHistoryLength()
        Gets the password history length.
        Returns:
        The length, zero for no history.
      • canChangePassword

        public boolean canChangePassword()
        Checks if the password can be changed or not.
        Returns:
        true for changeable, false for fixed.
      • mustChangePassword

        public boolean mustChangePassword()
        Checks if the password must be changed at next login.
        Returns:
        true for must change, false for not required.