Adrian Crum wrote: > On 12/9/2012 2:59 PM, jler...@apache.org wrote: >> Author: jleroux >> Date: Sun Dec 9 14:59:52 2012 >> New Revision: 1418996 >> >> URL: http://svn.apache.org/viewvc?rev=1418996&view=rev >> Log: >> A slightly modified patch from Sumit Pandit for "Additional Validation for >> Password : Make password pattern driven" >> https://issues.apache.org/jira/browse/OFBIZ-4958 >> >> Provides an additional validation for password with following capability to >> the system: >> >> Admin can enable/disable pattern based password capability of system. >> Configuration will reside in security.property file. >> To enable : security.login.password.pattern.enable=true >> To disable: security.login.password.pattern.enable=false >> >> Admin is flexible to provide his pattern string by making pattern more/less >> restrictive as per system requirement. Configuration >> will reside in security.property file. Example: >> security.login.password.pattern=^.*(?=. {5,})(?=.[a-zA-Z])(?=.[!@#$%^&*]).*$ >> >> Admin can provide custom error message string which will display to end user >> if wrong password is entered. Configuration will >> reside in security.properity file. >> >> jleroux: I quickly handled the error message localisation for the OOTB case. >> It's more complicated when the pattern gets >> complex... >> >> Modified: >> ofbiz/trunk/framework/common/config/SecurityextUiLabels.xml >> >> ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java >> ofbiz/trunk/framework/security/config/security.properties >> > > Modified: > ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java?rev=1418996&r1=1418995&r2=1418996&view=diff > ============================================================================== > --- > ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java > (original) +++ > ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java > Sun Dec 9 14:59:52 2012 @@ -23,6 +23,8 @@ import java.sql.Timestamp; > import java.util.List; import java.util.Locale; import java.util.Map; > +import java.util.regex.Matcher; +import java.util.regex.Pattern; import > javax.transaction.Transaction; @@ -62,6 +64,8 @@ public class > LoginServices { public static final String module = > LoginServices.class.getName(); public static final String resource = > "SecurityextUiLabels"; + public static boolean usePasswordPattern = > "true".equals(UtilProperties.getPropertyValue("security.properties", > "security.login.password.pattern.enable")); + public static String > passwordPattern = UtilProperties.getPropertyValue("security.properties", > "security.login.password.pattern"); > > > Please do not store property values in static class fields - that makes > it impossible to change the settings at run-time. > > -Adrian
Sorry it's a bit more involved than expected for this morning, could you please adapt it to follow your need? Just curious, are you using PropertyUtils class of Apache commons beanutils to modify properties of Java object at runtime? Read more: http://javarevisited.blogspot.com/2012/04/java-propertyutils-example-getting-and.html#ixzz2Ej9FUJIY Jacques
