PasswordPolicy

2026-05-16 21:40:42 +08:00 · 2020-08-31 23:39:47 +08:00
parent 9946e1a2c3
commit ab0b5959bb
10 changed files with 172 additions and 95 deletions
--- a/maxkey-core/src/main/java/org/maxkey/domain/PasswordPolicy.java
+++ b/maxkey-core/src/main/java/org/maxkey/domain/PasswordPolicy.java
@@ -121,6 +121,7 @@ public class PasswordPolicy extends JpaBaseDomain implements java.io.Serializabl
    @Column
    private int occurances;
    
+    private int randomPasswordLength;

    /**
     * @return the minLength
@@ -328,6 +329,14 @@ public class PasswordPolicy extends JpaBaseDomain implements java.io.Serializabl
    public void setOccurances(int occurances) {
        this.occurances = occurances;
    }
+    
+    public int getRandomPasswordLength() {
+        return randomPasswordLength;
+    }
+
+    public void setRandomPasswordLength(int randomPasswordLength) {
+        this.randomPasswordLength = randomPasswordLength;
+    }

    public void check(String username, String newPassword, String oldPassword) throws PasswordPolicyException {
        if ((1 == this.getUsername()) && newPassword.toLowerCase().contains(username.toLowerCase())) {
--- a/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
+++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
@@ -25,6 +25,8 @@ import org.passay.CharacterOccurrencesRule;
 import org.passay.CharacterRule;
 import org.passay.DictionaryRule;
 import org.passay.EnglishCharacterData;
+import org.passay.EnglishSequenceData;
+import org.passay.IllegalSequenceRule;
 import org.passay.LengthRule;
 import org.passay.PasswordData;
 import org.passay.PasswordValidator;
@@ -92,6 +94,16 @@ public class PasswordPolicyValidator {
            _logger.debug("query PasswordPolicy : " + passwordPolicy);
            passwordPolicyStore.put(PASSWORD_POLICY_KEY,passwordPolicy);
            
+            //init Password Policy
+            passwordPolicy.setRandomPasswordLength(
+                Math.round(
+                        (
+                                passwordPolicy.getMaxLength() + 
+                                passwordPolicy.getMinLength()
+                        )/2
+                   )
+            );
+            
            passwordPolicyRuleList = new ArrayList<Rule>();
            passwordPolicyRuleList.add(new WhitespaceRule());
            passwordPolicyRuleList.add(new LengthRule(passwordPolicy.getMinLength(), passwordPolicy.getMaxLength()));
@@ -120,12 +132,23 @@ public class PasswordPolicyValidator {
                passwordPolicyRuleList.add(new CharacterOccurrencesRule(passwordPolicy.getOccurances()));
            }
            
+            if(passwordPolicy.getAlphabetical()>0) {
+                passwordPolicyRuleList.add(new IllegalSequenceRule(EnglishSequenceData.Alphabetical, 4, false));
+            }
+            
+            if(passwordPolicy.getNumerical()>0) {
+                passwordPolicyRuleList.add(new IllegalSequenceRule(EnglishSequenceData.Numerical, 4, false));
+            }
+            
+            if(passwordPolicy.getQwerty()>0) {
+                passwordPolicyRuleList.add(new IllegalSequenceRule(EnglishSequenceData.USQwerty, 4, false));
+            }
+                        
            if(passwordPolicy.getDictionary()>0 ) {
                try {
                    ClassPathResource dictFile= 
                            new ClassPathResource(
                                    ConstantsProperties.classPathResource(topWeakPasswordPropertySource));
-                    
                    Dictionary dictionary =new DictionaryBuilder().addReader(new InputStreamReader(dictFile.getInputStream())).build();
                    passwordPolicyRuleList.add(new DictionaryRule(dictionary));
                }catch(Exception e) {
@@ -143,6 +166,7 @@ public class PasswordPolicyValidator {
     */
   public boolean validator(UserInfo userInfo) {
       
+       
       String password = userInfo.getPassword();
       String username = userInfo.getUsername();
       
@@ -159,15 +183,18 @@ public class PasswordPolicyValidator {
       RuleResult result = validator.validate(new PasswordData(username,password));
       
       if (result.isValid()) {
-           System.out.println("Password is valid");
-         } else {
-           System.out.println("Invalid password:");
+           _logger.debug("Password is valid");
+           return true;
+       } else {
+           _logger.debug("Invalid password:");
+           String passwordPolicyMessage = "";
           for (String msg : validator.getMessages(result)) {
-             System.out.println(msg);
+               passwordPolicyMessage = passwordPolicyMessage + msg + "<br>";
+               _logger.debug("Rule Message " + msg);
           }
-         }
-       
-       return true;
+           WebContext.setAttribute(PasswordPolicyValidator.class.getName(), passwordPolicyMessage);
+           return false;
+       }
   }
   
   
@@ -329,13 +356,8 @@ public class PasswordPolicyValidator {
   public String generateRandomPassword() {
       getPasswordPolicy();
       PasswordGen passwordGen = new PasswordGen(
-               Math.round(
-                       (
-                               passwordPolicy.getMaxLength() + 
-                               passwordPolicy.getMinLength()
-                       )/2
-                  )
-               );
+               passwordPolicy.getRandomPasswordLength()
+       );
       
       return passwordGen.gen(
               passwordPolicy.getLowerCase(),