Passay 简明教程

Passay - M of N rules

很多时候,密码策略要求强制遵守给定规则中的最低规则,例如密码必须满足至少 M 条规则中的 N 条规则。考虑以下策略。

Many times a password policy mandated compliance to minimum rules out of given rules such as a password must be compliant with at least M of N rules. Consider the following policy.

  1. Length of password should be in between 8 to 16 characters.

  2. A password should not contain any whitespace.

  3. A password should contains at least three of the following: upper, lower, digit or symbol.

Example

以下示例显示了使用 Passay 库根据上述策略对密码进行验证的过程。

The below example shows the validation of a password against above policy using Passay library.

import java.io.FileNotFoundException;
import java.io.IOException;

import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      //Rule 1: Password length should be in between
      //8 and 16 characters
      Rule rule1 = new LengthRule(8, 16);
      //Rule 2: No whitespace allowed
      Rule rule2 = new WhitespaceRule();
      CharacterCharacteristicsRule rule3 = new CharacterCharacteristicsRule();
      //M - Mandatory characters count
      rule3.setNumberOfCharacteristics(3);
      //Rule 3.a: One Upper-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.UpperCase, 1));
      //Rule 3.b: One Lower-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.LowerCase, 1));
      //Rule 3.c: One digit
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Digit, 1));
      //Rule 3.d: One special character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Special, 1));

      PasswordValidator validator = new PasswordValidator(rule1, rule2, rule3);
      PasswordData password = new PasswordData("microsoft@123");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      } else {
         System.out.println("Invalid Password: " + validator.getMessages(result));
      }
   }
}

Output

Password validated.