public/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2026-05-14 20:50:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

PasswordPolicy

Browse Source
This commit is contained in:
Crystal.Sea
2020-08-31 23:39:47 +08:00
parent 9946e1a2c3
commit ab0b5959bb
10 changed files with 172 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
maxkey-core/src/main/java/org/maxkey/domain/PasswordPolicy.java
View File

@@ -121,6 +121,7 @@ public class PasswordPolicy extends JpaBaseDomain implements java.io.Serializabl
@Column
private int occurances;
private int randomPasswordLength;
/**
* @return the minLength
@@ -328,6 +329,14 @@ public class PasswordPolicy extends JpaBaseDomain implements java.io.Serializabl
public void setOccurances(int occurances) {
this.occurances = occurances;
}
public int getRandomPasswordLength() {
return randomPasswordLength;
}
public void setRandomPasswordLength(int randomPasswordLength) {
this.randomPasswordLength = randomPasswordLength;
}
public void check(String username, String newPassword, String oldPassword) throws PasswordPolicyException {
if ((1 == this.getUsername()) && newPassword.toLowerCase().contains(username.toLowerCase())) {

52
maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
View File

@@ -25,6 +25,8 @@ import org.passay.CharacterOccurrencesRule;
import org.passay.CharacterRule;
import org.passay.DictionaryRule;
import org.passay.EnglishCharacterData;
import org.passay.EnglishSequenceData;
import org.passay.IllegalSequenceRule;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
@@ -92,6 +94,16 @@ public class PasswordPolicyValidator {
_logger.debug("query PasswordPolicy : " + passwordPolicy);
passwordPolicyStore.put(PASSWORD_POLICY_KEY,passwordPolicy);
//init Password Policy
passwordPolicy.setRandomPasswordLength(
Math.round(
(
passwordPolicy.getMaxLength() +
passwordPolicy.getMinLength()
)/2
)
);
passwordPolicyRuleList = new ArrayList<Rule>();
passwordPolicyRuleList.add(new WhitespaceRule());
passwordPolicyRuleList.add(new LengthRule(passwordPolicy.getMinLength(), passwordPolicy.getMaxLength()));
@@ -120,12 +132,23 @@ public class PasswordPolicyValidator {
passwordPolicyRuleList.add(new CharacterOccurrencesRule(passwordPolicy.getOccurances()));
}
if(passwordPolicy.getAlphabetical()>0) {
passwordPolicyRuleList.add(new IllegalSequenceRule(EnglishSequenceData.Alphabetical, 4, false));
}
if(passwordPolicy.getNumerical()>0) {
passwordPolicyRuleList.add(new IllegalSequenceRule(EnglishSequenceData.Numerical, 4, false));
}
if(passwordPolicy.getQwerty()>0) {
passwordPolicyRuleList.add(new IllegalSequenceRule(EnglishSequenceData.USQwerty, 4, false));
}
if(passwordPolicy.getDictionary()>0 ) {
try {
ClassPathResource dictFile=
new ClassPathResource(
ConstantsProperties.classPathResource(topWeakPasswordPropertySource));
Dictionary dictionary =new DictionaryBuilder().addReader(new InputStreamReader(dictFile.getInputStream())).build();
passwordPolicyRuleList.add(new DictionaryRule(dictionary));
}catch(Exception e) {
@@ -143,6 +166,7 @@ public class PasswordPolicyValidator {
*/
public boolean validator(UserInfo userInfo) {
String password = userInfo.getPassword();
String username = userInfo.getUsername();
@@ -159,15 +183,18 @@ public class PasswordPolicyValidator {
RuleResult result = validator.validate(new PasswordData(username,password));
if (result.isValid()) {
System.out.println("Password is valid");
} else {
System.out.println("Invalid password:");
_logger.debug("Password is valid");
return true;
} else {
_logger.debug("Invalid password:");
String passwordPolicyMessage = "";
for (String msg : validator.getMessages(result)) {
System.out.println(msg);
passwordPolicyMessage = passwordPolicyMessage + msg + "<br>";
_logger.debug("Rule Message " + msg);
}
}
return true;
WebContext.setAttribute(PasswordPolicyValidator.class.getName(), passwordPolicyMessage);
return false;
}
}
@@ -329,13 +356,8 @@ public class PasswordPolicyValidator {
public String generateRandomPassword() {
getPasswordPolicy();
PasswordGen passwordGen = new PasswordGen(
Math.round(
(
passwordPolicy.getMaxLength() +
passwordPolicy.getMinLength()
)/2
)
);
passwordPolicy.getRandomPasswordLength()
);
return passwordGen.gen(
passwordPolicy.getLowerCase(),

61
maxkey-core/src/main/resources/messages/passwordpolicy_message.properties
View File

@@ -1,30 +1,33 @@
#password
PasswordPolicy.HISTORY_VIOLATION=\u5BC6\u7801\u5339\u914D\u4E86 {0}\u5386\u53F2\u5BC6\u7801.
PasswordPolicy.ILLEGAL_WORD=\u5BC6\u7801\u5305\u542B\u5728\u5BC6\u7801\u5B57\u5178'{0}'.
PasswordPolicy.ILLEGAL_WORD_REVERSED=\u5BC6\u7801\u5305\u542B\u5728\u5BC6\u7801\u5B57\u5178\u5012\u5E8F'{0}'.
PasswordPolicy.ILLEGAL_DIGEST_WORD=\u5BC6\u7801\u5305\u542B\u5728\u5B57\u5178\u4E2D.
PasswordPolicy.ILLEGAL_DIGEST_WORD_REVERSED=\u5BC6\u7801\u5305\u542B\u5728\u5B57\u5178\u5012\u5E8F\u4E2D.
PasswordPolicy.ILLEGAL_MATCH=\u5BC6\u7801\u5339\u914D\u975E\u6CD5\u89C4\u5219 '{0}'.
PasswordPolicy.ALLOWED_MATCH=\u5BC6\u7801\u5FC5\u987B\u5339\u914D\u89C4\u5219 '{0}'.
PasswordPolicy.ILLEGAL_CHAR=\u5BC6\u7801 {1} \u5305\u542B\u975E\u6CD5\u5B57\u7B26 '{0}'.
PasswordPolicy.ALLOWED_CHAR=\u5BC6\u7801 {1} \u975E\u6CD5\u5B57\u7B26 '{0}'.
PasswordPolicy.ILLEGAL_QWERTY_SEQUENCE=\u5BC6\u7801\u5305\u542B\u952E\u76D8\u5E8F\u5217 '{0}'.
PasswordPolicy.ILLEGAL_ALPHABETICAL_SEQUENCE=\u5BC6\u7801\u5305\u542B\u5B57\u7B26\u5E8F\u5217'{0}'.
PasswordPolicy.ILLEGAL_NUMERICAL_SEQUENCE=\u5BC6\u7801\u5305\u542B\u6570\u5B57\u5E8F\u5217 '{0}'.
PasswordPolicy.ILLEGAL_USERNAME=\u5BC6\u7801\u4E0D\u80FD\u5305\u542B\u767B\u5F55\u540D {0}.
PasswordPolicy.ILLEGAL_USERNAME_REVERSED=\u5BC6\u7801 {1} \u5305\u542B\u767B\u5F55\u540D {0} \u5012\u5E8F.
PasswordPolicy.ILLEGAL_WHITESPACE=\u5BC6\u7801 {1} \u5305\u542B\u7A7A\u683C.
PasswordPolicy.ILLEGAL_NUMBER_RANGE=\u5BC6\u7801 {1} \u6570\u5B57 '{0}'.
PasswordPolicy.ILLEGAL_REPEATED_CHARS=\u5BC6\u7801 {2} \u5E8F\u5217 {0} \u6216\u8005\u591A\u4E2A\u5B57\u7B26, \u4F46 {1} \u8BB8:{3}\u6B21.
PasswordPolicy.INSUFFICIENT_UPPERCASE=\u5BC6\u7801\u81F3\u5C11\u5305\u542B {0} \u4F4D\u5927\u5199\u5B57\u6BCD.
PasswordPolicy.INSUFFICIENT_LOWERCASE=\u5BC6\u7801\u81F3\u5C11\u5305\u542B {0} \u4F4D\u5C0F\u5199\u5B57\u6BCD.
PasswordPolicy.INSUFFICIENT_ALPHABETICAL=\u5BC6\u7801\u4FDD\u62A4\u5B57\u7B26\u5E8F\u5217{0}.
PasswordPolicy.INSUFFICIENT_DIGIT=\u5BC6\u7801\u81F3\u5C11\u5305\u542B {0} \u4F4D\u6570\u5B57\u5B57\u6BCD.
PasswordPolicy.INSUFFICIENT_SPECIAL=\u5BC6\u7801\u81F3\u5C11\u5305\u542B {0} \u4F4D\u7279\u6B8A\u5B57\u6BCD.
PasswordPolicy.INSUFFICIENT_CHARACTERISTICS=\u5BC6\u7801\u5339\u914D {0} of {2}\u5B57\u7B26\u89C4\u5219, \u4F46 {1} \u5FC5\u987B.
PasswordPolicy.INSUFFICIENT_COMPLEXITY=\u5BC6\u7801\u9047\u5230 {1} \u590D\u6742\u89C4\u5219, \u4F46 {2} \u5FC5\u987B.
PasswordPolicy.INSUFFICIENT_COMPLEXITY_RULES=\u6CA1\u6709\u914D\u7F6E\u5BC6\u7801\u957F\u5EA6\u89C4\u5219 {0}.
PasswordPolicy.SOURCE_VIOLATION=\u5BC6\u7801\u4E0D\u80FD\u5305\u542B {0} \u5BC6\u7801.
PasswordPolicy.TOO_LONG=\u5BC6\u7801\u5FC5\u987B\u5C0F\u4E8E {1} \u4F4D\u5B57\u7B26.
PasswordPolicy.TOO_SHORT=\u5BC6\u7801\u81F3\u5C11 {0} \u4F4D\u5B57\u7B26.
PasswordPolicy.TOO_MANY_OCCURRENCES=\u5BC6\u7801\u5305\u542B {2}\u51FA\u73B0 '{0}', \u6700\u591A {3} \u6B21.
PasswordPolicy.HISTORY_VIOLATION=\u5bc6\u7801\u5339\u914d\u4e86{0}\u5386\u53f2\u5bc6\u7801.
PasswordPolicy.ILLEGAL_WORD=\u5bc6\u7801\u5305\u542b\u5728\u5bc6\u7801\u5b57\u5178'{0}'.
PasswordPolicy.ILLEGAL_WORD_REVERSED=\u5bc6\u7801\u5305\u542b\u5728\u5bc6\u7801\u5b57\u5178\u5012\u5e8f'{0}'.
PasswordPolicy.ILLEGAL_DIGEST_WORD=\u5bc6\u7801\u5305\u542b\u5728\u5b57\u5178\u4e2d.
PasswordPolicy.ILLEGAL_DIGEST_WORD_REVERSED=\u5bc6\u7801\u5305\u542b\u5728\u5b57\u5178\u5012\u5e8f\u4e2d.
PasswordPolicy.ILLEGAL_MATCH=\u5bc6\u7801\u5339\u914d\u975e\u6cd5\u89c4\u5219'{0}'.
PasswordPolicy.ALLOWED_MATCH=\u5bc6\u7801\u5fc5\u987b\u5339\u914d\u89c4\u5219'{0}'.
PasswordPolicy.ILLEGAL_CHAR=\u5bc6\u7801{1}\u5305\u542b\u975e\u6cd5\u5b57\u7b26'{0}'.
PasswordPolicy.ALLOWED_CHAR=\u5bc6\u7801{1}\u975e\u6cd5\u5b57\u7b26'{0}'.
PasswordPolicy.ILLEGAL_QWERTY_SEQUENCE=\u5bc6\u7801\u5305\u542b\u952e\u76d8\u5e8f\u5217'{0}'.
PasswordPolicy.ILLEGAL_ALPHABETICAL_SEQUENCE=\u5bc6\u7801\u5305\u542b\u5b57\u7b26\u5e8f\u5217'{0}'.
PasswordPolicy.ILLEGAL_NUMERICAL_SEQUENCE=\u5bc6\u7801\u5305\u542b\u6570\u5b57\u5e8f\u5217'{0}'.
PasswordPolicy.ILLEGAL_USERNAME=\u5bc6\u7801\u4e0d\u80fd\u5305\u542b\u767b\u5f55\u540d{0}.
PasswordPolicy.ILLEGAL_USERNAME_REVERSED=\u5bc6\u7801{1} \u5305\u542b\u767b\u5f55\u540d{0}\u5012\u5e8f.
PasswordPolicy.ILLEGAL_WHITESPACE=\u5bc6\u7801{1}\u5305\u542b\u7a7a\u683c.
PasswordPolicy.ILLEGAL_NUMBER_RANGE=\u5bc6\u7801{1}\u6570\u5b57 '{0}'.
PasswordPolicy.ILLEGAL_REPEATED_CHARS=\u5bc6\u7801{2}\u5e8f\u5217{0}\u6216\u8005\u591a\u4e2a\u5b57\u7b26, \u4f46{1}\u5141\u8bb8:{3}\u6b21.
PasswordPolicy.INSUFFICIENT_UPPERCASE=\u5bc6\u7801\u81f3\u5c11\u5305\u542b{0}\u4f4d\u5927\u5199\u5b57\u6bcd.
PasswordPolicy.INSUFFICIENT_LOWERCASE=\u5bc6\u7801\u81f3\u5c11\u5305\u542b{0}\u4f4d\u5c0f\u5199\u5b57\u6bcd.
PasswordPolicy.INSUFFICIENT_ALPHABETICAL=\u5bc6\u7801\u5305\u542b\u5b57\u7b26\u5e8f\u5217{0}.
PasswordPolicy.INSUFFICIENT_DIGIT=\u5bc6\u7801\u81f3\u5c11\u5305\u542b{0}\u4f4d\u6570\u5b57\u5b57\u6bcd.
PasswordPolicy.INSUFFICIENT_SPECIAL=\u5bc6\u7801\u81f3\u5c11\u5305\u542b{0}\u4f4d\u7279\u6b8a\u5b57\u7b26.
PasswordPolicy.INSUFFICIENT_CHARACTERISTICS=\u5bc6\u7801\u5339\u914d {0} of{2}\u5b57\u7b26\u89c4\u5219, \u4f46{1} \u5fc5\u987b.
PasswordPolicy.INSUFFICIENT_COMPLEXITY=\u5bc6\u7801\u9047\u5230{1}\u590d\u6742\u89c4\u5219, \u4f46{2}\u5fc5\u987b.
PasswordPolicy.INSUFFICIENT_COMPLEXITY_RULES=\u6ca1\u6709\u914d\u7f6e\u5bc6\u7801\u957f\u5ea6\u89c4\u5219 {0}.
PasswordPolicy.SOURCE_VIOLATION=\u5bc6\u7801\u4e0d\u80fd\u5305\u542b{0}\u5bc6\u7801.
PasswordPolicy.TOO_LONG=\u5bc6\u7801\u6700\u591a{1}\u4f4d\u5b57\u7b26.
PasswordPolicy.TOO_SHORT=\u5bc6\u7801\u81f3\u5c11{0}\u4f4d\u5b57\u7b26.
PasswordPolicy.TOO_MANY_OCCURRENCES=\u5bc6\u7801\u5305\u542b{0}\u51fa\u73b0{1}, \u6700\u591a{2} \u6b21.
PasswordPolicy.OLD_PASSWORD_NOT_MATCH=\u539f\u5bc6\u7801\u4e0d\u5339\u914d.
PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=\u65b0\u5bc6\u7801\u4e0e\u786e\u8ba4\u5bc6\u7801\u4e0d\u4e00\u81f4.
PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.

5
maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties
View File

@@ -27,4 +27,7 @@ PasswordPolicy.INSUFFICIENT_COMPLEXITY_RULES=No rules have been configured for a
PasswordPolicy.SOURCE_VIOLATION=Password cannot be the same as your {0} password.
PasswordPolicy.TOO_LONG=Password must be no more than {1} characters in length.
PasswordPolicy.TOO_SHORT=Password must be {0} or more characters in length .
PasswordPolicy.TOO_MANY_OCCURRENCES=Password contains {1} occurrences of the character '{0}', but at most {2} are allowed.
PasswordPolicy.TOO_MANY_OCCURRENCES=Password contains {1} occurrences of the character '{0}', but at most {2} are allowed.
PasswordPolicy.OLD_PASSWORD_NOT_MATCH=old password not match.
PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=new password not match confirm password.
PasswordPolicy.OLD_PASSWORD_MATCH=new password match old password.

61
maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties
View File

@@ -1,30 +1,33 @@
#password
PasswordPolicy.HISTORY_VIOLATION=\u5BC6\u7801\u5339\u914D\u4E86 {0}\u5386\u53F2\u5BC6\u7801.
PasswordPolicy.ILLEGAL_WORD=\u5BC6\u7801\u5305\u542B\u5728\u5BC6\u7801\u5B57\u5178'{0}'.
PasswordPolicy.ILLEGAL_WORD_REVERSED=\u5BC6\u7801\u5305\u542B\u5728\u5BC6\u7801\u5B57\u5178\u5012\u5E8F'{0}'.
PasswordPolicy.ILLEGAL_DIGEST_WORD=\u5BC6\u7801\u5305\u542B\u5728\u5B57\u5178\u4E2D.
PasswordPolicy.ILLEGAL_DIGEST_WORD_REVERSED=\u5BC6\u7801\u5305\u542B\u5728\u5B57\u5178\u5012\u5E8F\u4E2D.
PasswordPolicy.ILLEGAL_MATCH=\u5BC6\u7801\u5339\u914D\u975E\u6CD5\u89C4\u5219 '{0}'.
PasswordPolicy.ALLOWED_MATCH=\u5BC6\u7801\u5FC5\u987B\u5339\u914D\u89C4\u5219 '{0}'.
PasswordPolicy.ILLEGAL_CHAR=\u5BC6\u7801 {1} \u5305\u542B\u975E\u6CD5\u5B57\u7B26 '{0}'.
PasswordPolicy.ALLOWED_CHAR=\u5BC6\u7801 {1} \u975E\u6CD5\u5B57\u7B26 '{0}'.
PasswordPolicy.ILLEGAL_QWERTY_SEQUENCE=\u5BC6\u7801\u5305\u542B\u952E\u76D8\u5E8F\u5217 '{0}'.
PasswordPolicy.ILLEGAL_ALPHABETICAL_SEQUENCE=\u5BC6\u7801\u5305\u542B\u5B57\u7B26\u5E8F\u5217'{0}'.
PasswordPolicy.ILLEGAL_NUMERICAL_SEQUENCE=\u5BC6\u7801\u5305\u542B\u6570\u5B57\u5E8F\u5217 '{0}'.
PasswordPolicy.ILLEGAL_USERNAME=\u5BC6\u7801\u4E0D\u80FD\u5305\u542B\u767B\u5F55\u540D {0}.
PasswordPolicy.ILLEGAL_USERNAME_REVERSED=\u5BC6\u7801 {1} \u5305\u542B\u767B\u5F55\u540D {0} \u5012\u5E8F.
PasswordPolicy.ILLEGAL_WHITESPACE=\u5BC6\u7801 {1} \u5305\u542B\u7A7A\u683C.
PasswordPolicy.ILLEGAL_NUMBER_RANGE=\u5BC6\u7801 {1} \u6570\u5B57 '{0}'.
PasswordPolicy.ILLEGAL_REPEATED_CHARS=\u5BC6\u7801 {2} \u5E8F\u5217 {0} \u6216\u8005\u591A\u4E2A\u5B57\u7B26, \u4F46 {1} \u8BB8:{3}\u6B21.
PasswordPolicy.INSUFFICIENT_UPPERCASE=\u5BC6\u7801\u81F3\u5C11\u5305\u542B {0} \u4F4D\u5927\u5199\u5B57\u6BCD.
PasswordPolicy.INSUFFICIENT_LOWERCASE=\u5BC6\u7801\u81F3\u5C11\u5305\u542B {0} \u4F4D\u5C0F\u5199\u5B57\u6BCD.
PasswordPolicy.INSUFFICIENT_ALPHABETICAL=\u5BC6\u7801\u4FDD\u62A4\u5B57\u7B26\u5E8F\u5217{0}.
PasswordPolicy.INSUFFICIENT_DIGIT=\u5BC6\u7801\u81F3\u5C11\u5305\u542B {0} \u4F4D\u6570\u5B57\u5B57\u6BCD.
PasswordPolicy.INSUFFICIENT_SPECIAL=\u5BC6\u7801\u81F3\u5C11\u5305\u542B {0} \u4F4D\u7279\u6B8A\u5B57\u6BCD.
PasswordPolicy.INSUFFICIENT_CHARACTERISTICS=\u5BC6\u7801\u5339\u914D {0} of {2}\u5B57\u7B26\u89C4\u5219, \u4F46 {1} \u5FC5\u987B.
PasswordPolicy.INSUFFICIENT_COMPLEXITY=\u5BC6\u7801\u9047\u5230 {1} \u590D\u6742\u89C4\u5219, \u4F46 {2} \u5FC5\u987B.
PasswordPolicy.INSUFFICIENT_COMPLEXITY_RULES=\u6CA1\u6709\u914D\u7F6E\u5BC6\u7801\u957F\u5EA6\u89C4\u5219 {0}.
PasswordPolicy.SOURCE_VIOLATION=\u5BC6\u7801\u4E0D\u80FD\u5305\u542B {0} \u5BC6\u7801.
PasswordPolicy.TOO_LONG=\u5BC6\u7801\u5FC5\u987B\u5C0F\u4E8E {1} \u4F4D\u5B57\u7B26.
PasswordPolicy.TOO_SHORT=\u5BC6\u7801\u81F3\u5C11 {0} \u4F4D\u5B57\u7B26.
PasswordPolicy.TOO_MANY_OCCURRENCES=\u5BC6\u7801\u5305\u542B {2}\u51FA\u73B0 '{0}', \u6700\u591A {3} \u6B21.
PasswordPolicy.HISTORY_VIOLATION=\u5bc6\u7801\u5339\u914d\u4e86{0}\u5386\u53f2\u5bc6\u7801.
PasswordPolicy.ILLEGAL_WORD=\u5bc6\u7801\u5305\u542b\u5728\u5bc6\u7801\u5b57\u5178'{0}'.
PasswordPolicy.ILLEGAL_WORD_REVERSED=\u5bc6\u7801\u5305\u542b\u5728\u5bc6\u7801\u5b57\u5178\u5012\u5e8f'{0}'.
PasswordPolicy.ILLEGAL_DIGEST_WORD=\u5bc6\u7801\u5305\u542b\u5728\u5b57\u5178\u4e2d.
PasswordPolicy.ILLEGAL_DIGEST_WORD_REVERSED=\u5bc6\u7801\u5305\u542b\u5728\u5b57\u5178\u5012\u5e8f\u4e2d.
PasswordPolicy.ILLEGAL_MATCH=\u5bc6\u7801\u5339\u914d\u975e\u6cd5\u89c4\u5219'{0}'.
PasswordPolicy.ALLOWED_MATCH=\u5bc6\u7801\u5fc5\u987b\u5339\u914d\u89c4\u5219'{0}'.
PasswordPolicy.ILLEGAL_CHAR=\u5bc6\u7801{1}\u5305\u542b\u975e\u6cd5\u5b57\u7b26'{0}'.
PasswordPolicy.ALLOWED_CHAR=\u5bc6\u7801{1}\u975e\u6cd5\u5b57\u7b26'{0}'.
PasswordPolicy.ILLEGAL_QWERTY_SEQUENCE=\u5bc6\u7801\u5305\u542b\u952e\u76d8\u5e8f\u5217'{0}'.
PasswordPolicy.ILLEGAL_ALPHABETICAL_SEQUENCE=\u5bc6\u7801\u5305\u542b\u5b57\u7b26\u5e8f\u5217'{0}'.
PasswordPolicy.ILLEGAL_NUMERICAL_SEQUENCE=\u5bc6\u7801\u5305\u542b\u6570\u5b57\u5e8f\u5217'{0}'.
PasswordPolicy.ILLEGAL_USERNAME=\u5bc6\u7801\u4e0d\u80fd\u5305\u542b\u767b\u5f55\u540d{0}.
PasswordPolicy.ILLEGAL_USERNAME_REVERSED=\u5bc6\u7801{1} \u5305\u542b\u767b\u5f55\u540d{0}\u5012\u5e8f.
PasswordPolicy.ILLEGAL_WHITESPACE=\u5bc6\u7801{1}\u5305\u542b\u7a7a\u683c.
PasswordPolicy.ILLEGAL_NUMBER_RANGE=\u5bc6\u7801{1}\u6570\u5b57 '{0}'.
PasswordPolicy.ILLEGAL_REPEATED_CHARS=\u5bc6\u7801{2}\u5e8f\u5217{0}\u6216\u8005\u591a\u4e2a\u5b57\u7b26, \u4f46{1}\u5141\u8bb8:{3}\u6b21.
PasswordPolicy.INSUFFICIENT_UPPERCASE=\u5bc6\u7801\u81f3\u5c11\u5305\u542b{0}\u4f4d\u5927\u5199\u5b57\u6bcd.
PasswordPolicy.INSUFFICIENT_LOWERCASE=\u5bc6\u7801\u81f3\u5c11\u5305\u542b{0}\u4f4d\u5c0f\u5199\u5b57\u6bcd.
PasswordPolicy.INSUFFICIENT_ALPHABETICAL=\u5bc6\u7801\u5305\u542b\u5b57\u7b26\u5e8f\u5217{0}.
PasswordPolicy.INSUFFICIENT_DIGIT=\u5bc6\u7801\u81f3\u5c11\u5305\u542b{0}\u4f4d\u6570\u5b57\u5b57\u6bcd.
PasswordPolicy.INSUFFICIENT_SPECIAL=\u5bc6\u7801\u81f3\u5c11\u5305\u542b{0}\u4f4d\u7279\u6b8a\u5b57\u7b26.
PasswordPolicy.INSUFFICIENT_CHARACTERISTICS=\u5bc6\u7801\u5339\u914d {0} of{2}\u5b57\u7b26\u89c4\u5219, \u4f46{1} \u5fc5\u987b.
PasswordPolicy.INSUFFICIENT_COMPLEXITY=\u5bc6\u7801\u9047\u5230{1}\u590d\u6742\u89c4\u5219, \u4f46{2}\u5fc5\u987b.
PasswordPolicy.INSUFFICIENT_COMPLEXITY_RULES=\u6ca1\u6709\u914d\u7f6e\u5bc6\u7801\u957f\u5ea6\u89c4\u5219 {0}.
PasswordPolicy.SOURCE_VIOLATION=\u5bc6\u7801\u4e0d\u80fd\u5305\u542b{0}\u5bc6\u7801.
PasswordPolicy.TOO_LONG=\u5bc6\u7801\u6700\u591a{1}\u4f4d\u5b57\u7b26.
PasswordPolicy.TOO_SHORT=\u5bc6\u7801\u81f3\u5c11{0}\u4f4d\u5b57\u7b26.
PasswordPolicy.TOO_MANY_OCCURRENCES=\u5bc6\u7801\u5305\u542b{0}\u51fa\u73b0{1}, \u6700\u591a{2} \u6b21.
PasswordPolicy.OLD_PASSWORD_NOT_MATCH=\u539f\u5bc6\u7801\u4e0d\u5339\u914d.
PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=\u65b0\u5bc6\u7801\u4e0e\u786e\u8ba4\u5bc6\u7801\u4e0d\u4e00\u81f4.
PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.

2
maxkey-core/src/test/java/org/maxkey/crypto/password/PasswordReciprocalTest.java
View File

@@ -32,7 +32,7 @@ public class PasswordReciprocalTest {
String epass=spe.encode(pass);
System.out.println("PasswordEncoder "+epass);
System.out.println(PasswordReciprocal.getInstance().decoder("bb2002b9f55b05d3e0e6f34ec5321051"));
System.out.println(PasswordReciprocal.getInstance().decoder("f1ee1e9b912f05333a06925c99daf9c0"));
}
}

4
maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java
View File

@@ -183,7 +183,9 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
public boolean changePassword(UserInfo userInfo) {
try {
passwordPolicyValidator.validator(userInfo);
if(passwordPolicyValidator.validator(userInfo) == false) {
return false;
}
if(WebContext.getUserInfo() != null) {
userInfo.setModifiedBy(WebContext.getUserInfo().getId());

59
maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java
View File

@@ -26,6 +26,7 @@ import org.maxkey.constants.ConstantsTimeInterval;
import org.maxkey.crypto.ReciprocalUtils;
import org.maxkey.crypto.password.PasswordReciprocal;
import org.maxkey.domain.UserInfo;
import org.maxkey.persistence.db.PasswordPolicyValidator;
import org.maxkey.persistence.service.UserInfoService;
import org.maxkey.util.StringUtils;
import org.maxkey.web.WebConstants;
@@ -72,7 +73,10 @@ public class SafeController {
if(changeUserPassword(oldPassword,newPassword,confirmPassword)) {
return new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS),MessageType.success);
}else {
return new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_ERROR),MessageType.error);
return new Message(
WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_ERROR)+"<br>"
+WebContext.getAttribute(PasswordPolicyValidator.class.getName()),
MessageType.error);
}
}
@@ -83,17 +87,16 @@ public class SafeController {
@RequestParam(value ="confirmPassword",required = false) String confirmPassword) {
ModelAndView modelAndView=new ModelAndView("passwordExpired");
if(newPassword ==null ||newPassword.equals("")) {
UserInfo userInfo=WebContext.getUserInfo();
modelAndView.addObject("model", userInfo);
return modelAndView;
}else if(changeUserPassword(oldPassword,newPassword,confirmPassword)){
WebContext.getSession().setAttribute(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE,ConstantsPasswordSetType.PASSWORD_NORMAL);
return WebContext.redirect("/index");
//modelAndView.setViewName("index");
}
new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_ERROR),MessageType.error);
Object errorMessage=WebContext.getAttribute(PasswordPolicyValidator.class.getName());
UserInfo userInfo=WebContext.getUserInfo();
modelAndView.addObject("model", userInfo);
modelAndView.addObject("errorMessage", errorMessage==null?"":errorMessage);
return modelAndView;
}
@@ -105,33 +108,53 @@ public class SafeController {
@RequestParam(value ="confirmPassword",required = false) String confirmPassword) {
ModelAndView modelAndView=new ModelAndView("passwordInitial");
if(newPassword ==null ||newPassword.equals("")) {
UserInfo userInfo=WebContext.getUserInfo();
modelAndView.addObject("model", userInfo);
return modelAndView;
}else if(changeUserPassword(oldPassword,newPassword,confirmPassword)){
WebContext.getSession().setAttribute(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE,ConstantsPasswordSetType.PASSWORD_NORMAL);
return WebContext.redirect("/index");
//modelAndView.setViewName("index");
}
new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_ERROR),MessageType.error);
return modelAndView;
Object errorMessage=WebContext.getAttribute(PasswordPolicyValidator.class.getName());
modelAndView.addObject("errorMessage", errorMessage==null?"":errorMessage);
UserInfo userInfo=WebContext.getUserInfo();
modelAndView.addObject("model", userInfo);
return modelAndView;
}
public boolean changeUserPassword(String oldPassword,
String newPassword,
String confirmPassword){
UserInfo userInfo =WebContext.getUserInfo();
WebContext.setAttribute(PasswordPolicyValidator.class.getName(), "");
UserInfo userInfo = WebContext.getUserInfo();
UserInfo changeUserInfo = new UserInfo();
changeUserInfo.setUsername(userInfo.getUsername());
changeUserInfo.setPassword(newPassword);
changeUserInfo.setId(userInfo.getId());
changeUserInfo.setDecipherable(userInfo.getDecipherable());
_logger.debug("decipherable old : "+userInfo.getDecipherable());
_logger.debug("decipherable new : "+ReciprocalUtils.encode(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), newPassword)));
if(newPassword.equals(confirmPassword)){
if(oldPassword==null ||
passwordEncoder.matches(oldPassword, userInfo.getPassword())){
userInfo.setPassword(newPassword);
userInfoService.changePassword(userInfo);
//TODO syncProvisioningService.changePassword(userInfo);
return true;
if(userInfoService.changePassword(changeUserInfo)) {
userInfo.setPassword(changeUserInfo.getPassword());
userInfo.setDecipherable(changeUserInfo.getDecipherable());
return true;
}
}else {
if(oldPassword!=null &&
passwordEncoder.matches(newPassword, userInfo.getPassword())) {
WebContext.setAttribute(PasswordPolicyValidator.class.getName(),
WebContext.getI18nValue("PasswordPolicy.OLD_PASSWORD_MATCH"));
}else {
WebContext.setAttribute(PasswordPolicyValidator.class.getName(),
WebContext.getI18nValue("PasswordPolicy.OLD_PASSWORD_NOT_MATCH"));
}
}
}else {
WebContext.setAttribute(PasswordPolicyValidator.class.getName(),
WebContext.getI18nValue("PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH"));
}
return false;

9
maxkey-web-maxkey/src/main/resources/templates/views/passwordExpired.ftl
View File

@@ -21,7 +21,14 @@
<table class="table table-bordered" >
<tbody>
<tr>
<th colspan="2"><@locale code="login.password.expired.tip" /></th>
<th colspan="2">
<@locale code="login.password.expired.tip" />
</th>
</tr>
<tr <#if ''==errorMessage>style="display:none;"</#if>>
<th colspan="2" style="color:red;">
${errorMessage!}
</th>
</tr>
<tr>
<th><@locale code="userinfo.displayName" /> :</th>

5
maxkey-web-maxkey/src/main/resources/templates/views/passwordInitial.ftl
View File

@@ -23,6 +23,11 @@
<tr>
<th colspan="2"><@locale code="login.password.initial.change.tip" /></th>
</tr>
<tr <#if ''==errorMessage>style="display:none;"</#if>>
<th colspan="2" style="color:red;">
${errorMessage!}
</th>
</tr>
<tr>
<th><@locale code="userinfo.displayName" /> :</th>
<td>