DaanHoogland commented on issue #6861:
URL: https://github.com/apache/cloudstack/issues/6861#issuecomment-1403553917
> apologies for pinging , I am bit new to open source(recently started
exploring) and have never saw this much huge codebases so i am a bit overwhelmed
@Pavan-Nambi that is all perfectly allright. I think you are asking the
right questions.
About your implementation plan:
> hey @DaanHoogland should i update code here with some regex and add
`configValuesForValidation.add("vm.password.complexity")` referring to
config.java ?
Do not add values to Config.java. the other
[file](https://github.com/apache/cloudstack/blob/main/server/src/main/java/com/cloud/server/ManagementServerImpl.java)
sounds much better.
> ` static final ConfigKey<Integer> vmPasswordComplexity = new
ConfigKey<>("Advanced", Integer.class, "vm.password.complexity", "1",
"Specifies the complexity of a randomly generated password", false);`
complexity as integer doesn´t sound right. Is this intended to be the
length? The length is only one of the facets of the complexity of a password.
If you want implement a regex , I would make that a string configuration
value.
For a PW usually a number of char sets is required/allowed and a length and
for each of the sets, usually a minimum of one occurance is required.
making an extreme example:
one digit below 6
one digit above 5
one capital letter
one lower case
one of (,),[,],{,},<,>
one of ,,.,!,?,:,;
etc
I am not sure if this makes sense en whether it answers your question. You
can create a PR we we can go from there, ask your questions there and others
can suggest improvements until we consider it good for merge.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
