Package com.iizix.passwordpolicy
Class PasswordPolicy
- java.lang.Object
- com.iizix.passwordpolicy.PasswordPolicy
public class PasswordPolicy extends java.lang.Object
Class used to handle password policies.- Author:
- Christopher Mindus
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
canChangePassword()
Checks if the password can be changed or not.PasswordPolicyResult
check(SessionInfo sessionInfo, java.lang.String password)
Estimate password strength if it's OK, and if it is, null is returned.java.lang.String
check(java.lang.String password)
Estimate password strength if it's OK, and if it is, null is returned.java.lang.String
check(java.lang.String password, java.lang.String suggestionsPrefix)
Estimate password strength if it's OK, and if it is, null is returned.static PasswordPolicy
createAdminPolicyWithAdvancedEntropyChecking()
Creates a password policy for administrators with its defaults, but with the addition of advanced entropy checking.static PasswordPolicy
from(PolicyProps settings)
Creates the password policy based on pure defaults if the property container is null, otherwise based on those settings.static java.lang.String
generateStrongPassword()
Generates a new strong random password.int
getHistoryLength()
Gets the password history length.boolean
mustChangePassword()
Checks if the password must be changed at next login.
Method Detail
from
public static PasswordPolicy from(PolicyProps settings)
Creates the password policy based on pure defaults if the property container is null, otherwise based on those settings.- Parameters:
settings
- The settings property container, or null for defaults.- Returns:
- The password policy.
createAdminPolicyWithAdvancedEntropyChecking
public static PasswordPolicy createAdminPolicyWithAdvancedEntropyChecking()
Creates a password policy for administrators with its defaults, but with the addition of advanced entropy checking.- Returns:
- The password policy.
generateStrongPassword
public static java.lang.String generateStrongPassword()
Generates a new strong random password.- Returns:
- The new strong password of minimum 10 characters meeting all the criteria for "difficult password", except history for the user's password policy.
check
public java.lang.String check(java.lang.String password)
Estimate password strength if it's OK, and if it is, null is returned.- Parameters:
password
- The password to check.- Returns:
- A potentially localized descriptive string with password problems, potentially with suggestions prefixed by
"\n - "
strings. Suggestions are only added if the password policy is configured for advanced passwords entropy checking.
check
public java.lang.String check(java.lang.String password, java.lang.String suggestionsPrefix)
Estimate password strength if it's OK, and if it is, null is returned.- Parameters:
password
- The password to check.suggestionsPrefix
- String used to prefix any potential suggestions. Ifnull
or empty string,"\n - "
will be used.- Returns:
- A potentially localized descriptive string with password problems, potentially with suggestions prefixed by
suggestionsPrefix
strings. Suggestions are only added if the password policy is configured for advanced passwords entropy checking.
check
public PasswordPolicyResult check(SessionInfo sessionInfo, java.lang.String password)
Estimate password strength if it's OK, and if it is, null is returned.- Parameters:
sessionInfo
- The session information.password
- The password to check.- Returns:
- A potentially localized descriptive string with password problems, potentially with suggestions prefixed by
suggestionsPrefix
strings. Suggestions are only added if the password policy is configured for advanced passwords entropy checking.
getHistoryLength
public int getHistoryLength()
Gets the password history length.- Returns:
- The length, zero for no history.
canChangePassword
public boolean canChangePassword()
Checks if the password can be changed or not.- Returns:
- true for changeable, false for fixed.
mustChangePassword
public boolean mustChangePassword()
Checks if the password must be changed at next login.- Returns:
- true for must change, false for not required.