Passay - 快速指南

Passay - 概述

Passay 是一個基於 Java 的密碼生成和驗證庫。它提供了全面的功能列表，用於驗證/生成密碼，並且高度可配置。

Passay 元件

Passay API 有 3 個核心元件。

規則 - 一條或多條規則，定義密碼策略規則集。
PasswordValidator - 一個驗證元件，根據給定的規則集驗證密碼。
PasswordGenerator - 一個生成元件，生成滿足給定規則集的密碼。

規則概述

規則是密碼驗證和生成的基石。規則主要分為兩大類：

正則匹配要求密碼滿足規則。
負則匹配拒絕滿足規則的密碼。

特性

以下是 Passay 庫提供的一些特性。

密碼驗證 Passay 庫透過根據可配置的規則集驗證密碼來幫助執行密碼策略。它有一套豐富的現有規則，適用於常見的用例。對於其他情況，它提供了一個簡單的 Rule 介面來實現自定義規則。
密碼生成 - 它提供了一個可配置的規則集，也可以用於生成密碼。
命令列工具 - 它提供工具來自動執行密碼策略。
方便 - 易於使用。
可擴充套件 - 所有 Passay 元件都是可擴充套件的。
支援國際化 - Passay 元件已準備好進行國際化。

Passay - 環境設定

設定 Java

如果您仍然希望為 Java 程式語言設定環境，那麼本節將指導您如何在機器上下載和設定 Java。請按照下面提到的步驟設定環境。

Java SE 可從以下連結免費獲得下載 Java。因此，您可以根據您的作業系統下載一個版本。

按照說明下載 Java 並執行.exe 檔案以在您的機器上安裝 Java。在您的機器上安裝 Java 後，您需要設定環境變數以指向正確的安裝目錄 -

為 Windows 2000/XP 設定路徑

我們假設您已將 Java 安裝在c:\Program Files\java\jdk 目錄中 -

右鍵單擊“我的電腦”，然後選擇“屬性”。
在“高階”選項卡下單擊“環境變數”按鈕。
現在，修改“Path”變數，使其還包含 Java 可執行檔案的路徑。例如，如果路徑當前設定為“C:\WINDOWS\SYSTEM32”，則將路徑更改為“C:\WINDOWS\SYSTEM32;c:\Program Files\java\jdk\bin”。

為 Windows 95/98/ME 設定路徑

我們假設您已將 Java 安裝在c:\Program Files\java\jdk 目錄中 -

編輯“C:\autoexec.bat”檔案，並在末尾新增以下行 - 'SET PATH=%PATH%;C:\Program Files\java\jdk\bin'

為 Linux、UNIX、Solaris、FreeBSD 設定路徑

環境變數 PATH 應設定為指向 Java 二進位制檔案安裝的位置。如果您在執行此操作時遇到問題，請參閱您的 shell 文件。

例如，如果您使用 bash 作為您的 shell，則您將在“.bashrc”的末尾新增以下行：export PATH=/path/to/java:$PATH'

流行的 Java 編輯器

要編寫 Java 程式，您需要一個文字編輯器。市場上有很多複雜的 IDE 可用。但目前，您可以考慮以下其中一項 -

記事本 - 在 Windows 機器上，您可以使用任何簡單的文字編輯器，如記事本（推薦用於本教程）、TextPad。
Netbeans - 它是一個開源且免費的 Java IDE，可以從 https://www.netbeans.org/index.html 下載。
Eclipse - 它也是由 Eclipse 開源社群開發的 Java IDE，可以從 https://www.eclipse.org/ 下載。

下載 Passay 歸檔檔案

從 Maven 儲存庫 - 下載最新版本的 Passay jar 檔案。在本教程中，passay-1.6.1.jar 被下載並複製到 C:\> passay 資料夾中。

作業系統	歸檔檔名
Windows	passay-1.6.1.jar
Linux	passay-1.6.1.jar
Mac	passay-1.6.1.jar

設定 Passay 環境

設定PASSAY環境變數以指向 Passay jar 儲存在您機器上的基本目錄位置。假設，我們在各種作業系統上的 Passay 資料夾中提取了 passay-1.6.1.jar，如下所示。

作業系統	輸出
Windows	將環境變數 PASSAY 設定為 C:\Passay
Linux	export PASSAY=/usr/local/Passay
Mac	export PASSAY=/Library/Passay

設定 CLASSPATH 變數

設定CLASSPATH環境變數以指向 Passay jar 的位置。假設，您已將 passay-1.6.1.jar 儲存在各種作業系統上的 Passay 資料夾中，如下所示。

作業系統	輸出
Windows	將環境變數 CLASSPATH 設定為 %CLASSPATH%;%Passay%\passay-1.6.1.jar;.;
Linux	export CLASSPATH=$CLASSPATH:$PASSAY/passay-1.6.1.jar:.
Mac	export CLASSPATH=$CLASSPATH:$PASSAY/passay-1.6.1.jar:.

Passay - 密碼驗證

典型的密碼策略包含一組規則，用於檢查密碼是否符合組織規則。請考慮以下策略

密碼長度應在 8 到 16 個字元之間。
密碼不能包含任何空格。
密碼應包含以下每個字元：大寫字母、小寫字母、數字和符號。

示例

以下示例演示了使用 Passay 庫根據上述策略驗證密碼。

import java.util.ArrayList;
import java.util.List;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
    public static void main(String[] args) {
        
        List<Rule> rules = new ArrayList<>();        
        //Rule 1: Password length should be in between 
        //8 and 16 characters
        rules.add(new LengthRule(8, 16));        
        //Rule 2: No whitespace allowed
        rules.add(new WhitespaceRule());        
        //Rule 3.a: At least one Upper-case character
        rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
        //Rule 3.b: At least one Lower-case character
        rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
        //Rule 3.c: At least one digit
        rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));        
        //Rule 3.d: At least one special character
        rules.add(new CharacterRule(EnglishCharacterData.Special, 1));
        
        PasswordValidator validator = new PasswordValidator(rules);        
        PasswordData password = new PasswordData("Microsoft@123");        
        RuleResult result = validator.validate(password);
        
        if(result.isValid()){
            System.out.println("Password validated.");
        }else{
            System.out.println("Invalid Password: " + validator.getMessages(result));            
        }
    }
}

輸出

Password validated.

Passay - 自定義訊息

Passay 庫提供了一個 MessageResolver API 來覆蓋驗證程式使用的預設訊息。它可以獲取自定義屬性檔案的路徑，並使用標準鍵來覆蓋所需的訊息。

示例

以下示例演示了密碼的驗證並使用 Passay 庫顯示自定義訊息。

messages.properties

INSUFFICIENT_UPPERCASE=Password missing at least %1$s uppercase characters.

PassayExample.java

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.MessageResolver;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.PropertiesMessageResolver;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      List<Rule> rules = new ArrayList<>();
      rules.add(new LengthRule(8, 16));
      rules.add(new WhitespaceRule());
      rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));
      rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));
      rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));
      rules.add(new CharacterRule(EnglishCharacterData.Special, 1));

      Properties props = new Properties();
      props.load(new FileInputStream("E:/Test/messages.properties"));
      MessageResolver resolver = new PropertiesMessageResolver(props);

      PasswordValidator validator = new PasswordValidator(resolver, rules);
      PasswordData password = new PasswordData("microsoft@123");
      RuleResult result = validator.validate(password);
      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [Password missing at least 1 uppercase characters.]

Passay - M of N 規則

很多時候，密碼策略強制執行對給定規則中的最小規則的合規性，例如密碼必須符合至少 M 個 N 規則。請考慮以下策略。

密碼長度應在 8 到 16 個字元之間。
密碼不能包含任何空格。
密碼應包含以下至少三個字元：大寫字母、小寫字母、數字或符號。

示例

以下示例演示了使用 Passay 庫根據上述策略驗證密碼。

import java.io.FileNotFoundException;
import java.io.IOException;

import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      //Rule 1: Password length should be in between 
      //8 and 16 characters
      Rule rule1 = new LengthRule(8, 16);        
      //Rule 2: No whitespace allowed
      Rule rule2 = new WhitespaceRule();        
      CharacterCharacteristicsRule rule3 = new CharacterCharacteristicsRule();        
      //M - Mandatory characters count
      rule3.setNumberOfCharacteristics(3);        
      //Rule 3.a: One Upper-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
      //Rule 3.b: One Lower-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
      //Rule 3.c: One digit
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Digit, 1));        
      //Rule 3.d: One special character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Special, 1));

      PasswordValidator validator = new PasswordValidator(rule1, rule2, rule3);        
      PasswordData password = new PasswordData("microsoft@123");        
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Password validated.

Passay - 密碼生成

PasswordGenerator 幫助使用給定策略生成密碼。請考慮以下策略 -

密碼長度應為 8 個字元。
密碼應包含以下每個字元：大寫字母、小寫字母、數字和符號。

示例

以下示例演示了使用 Passay 庫根據上述策略生成密碼。

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.PasswordGenerator;

public class PassayExample {
   public static void main(String[] args) {
      CharacterRule alphabets = new CharacterRule(EnglishCharacterData.Alphabetical);
      CharacterRule digits = new CharacterRule(EnglishCharacterData.Digit);
      CharacterRule special = new CharacterRule(EnglishCharacterData.Special);

      PasswordGenerator passwordGenerator = new PasswordGenerator();
      String password = passwordGenerator.generatePassword(8, alphabets, digits, special);
      System.out.println(password);
   }
}

輸出

?\DE~@c3

Passay - AllowedCharacterRule

AllowedCharacterRule 允許指定密碼可以包含的字元。請考慮以下示例。

示例

以下示例演示了使用 Passay 庫根據上述策略驗證密碼。

import org.passay.AllowedCharacterRule;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should contains only a, b and c       
      Rule rule1 = new AllowedCharacterRule(new char[] {'a', 'b', 'c'});
      //8 and 16 characters
      Rule rule2 = new LengthRule(8, 16);    

      PasswordValidator validator = new PasswordValidator(rule1, rule2);
      PasswordData password = new PasswordData("abcabcab1");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [Password contains the illegal character '1'.]

Passay - AllowedRegexRule

AllowedRegexRule 允許指定密碼應滿足的正則表示式模式。請考慮以下示例。

示例

以下示例演示了使用 Passay 庫根據上述策略驗證密碼。

import org.passay.AllowedRegexRule;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should contains alphabets only
      Rule rule1 = new AllowedRegexRule("^[A-Za-z]+$");
      //8 and 16 characters
      Rule rule2 = new LengthRule(8, 16);    

      PasswordValidator validator = new PasswordValidator(rule1, rule2);
      PasswordData password = new PasswordData("microsoft@123");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [Password must match pattern '^[A-Za-z]+$'.]

Passay - CharacterRule

CharacterRule 幫助定義一組字元和密碼中所需的最小字元數。

示例

以下示例演示了使用 Passay 庫根據上述策略驗證密碼。

import java.util.ArrayList;
import java.util.List;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
    public static void main(String[] args) {
        
        List<Rule> rules = new ArrayList<>();        
        //Rule 1: Password length should be in between 
        //8 and 16 characters
        rules.add(new LengthRule(8, 16));        
        //Rule 2: No whitespace allowed
        rules.add(new WhitespaceRule());        
        //Rule 3.a: At least one Upper-case character
        rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
        //Rule 3.b: At least one Lower-case character
        rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
        //Rule 3.c: At least one digit
        rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));        
        //Rule 3.d: At least one special character
        rules.add(new CharacterRule(EnglishCharacterData.Special, 1));
        
        PasswordValidator validator = new PasswordValidator(rules);        
        PasswordData password = new PasswordData("Microsoft@123");        
        RuleResult result = validator.validate(password);
        
        if(result.isValid()){
            System.out.println("Password validated.");
        }else{
            System.out.println("Invalid Password: " + validator.getMessages(result));            
        }
    }
}

輸出

Password validated.

Passay - LengthRule

LengthRule 幫助定義密碼的最小和最大長度。

示例

以下示例演示了使用 Passay 庫根據上述策略驗證密碼。

import java.util.ArrayList;
import java.util.List;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
    public static void main(String[] args) {
        
        List<Rule> rules = new ArrayList<>();        
        //Rule 1: Password length should be in between 
        //8 and 16 characters
        rules.add(new LengthRule(8, 16));        
        //Rule 2: No whitespace allowed
        rules.add(new WhitespaceRule());        
        //Rule 3.a: At least one Upper-case character
        rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
        //Rule 3.b: At least one Lower-case character
        rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
        //Rule 3.c: At least one digit
        rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));        
        //Rule 3.d: At least one special character
        rules.add(new CharacterRule(EnglishCharacterData.Special, 1));
        
        PasswordValidator validator = new PasswordValidator(rules);        
        PasswordData password = new PasswordData("Microsoft@123");        
        RuleResult result = validator.validate(password);
        
        if(result.isValid()){
            System.out.println("Password validated.");
        }else{
            System.out.println("Invalid Password: " + validator.getMessages(result));            
        }
    }
}

輸出

Password validated.

Passay - CharacterCharacteristicsRule

CharacterCharacteristicsRule 幫助定義密碼是否滿足給定的 N 個定義的規則。

示例

以下示例演示了使用 Passay 庫根據上述策略驗證密碼。

import java.io.FileNotFoundException;
import java.io.IOException;

import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      //Rule 1: Password length should be in between 
      //8 and 16 characters
      Rule rule1 = new LengthRule(8, 16);        
      //Rule 2: No whitespace allowed
      Rule rule2 = new WhitespaceRule();        
      CharacterCharacteristicsRule rule3 = new CharacterCharacteristicsRule();        
      //M - Mandatory characters count
      rule3.setNumberOfCharacteristics(3);        
      //Rule 3.a: One Upper-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
      //Rule 3.b: One Lower-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
      //Rule 3.c: One digit
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Digit, 1));        
      //Rule 3.d: One special character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Special, 1));

      PasswordValidator validator = new PasswordValidator(rule1, rule2, rule3);        
      PasswordData password = new PasswordData("microsoft@123");        
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Password validated.

Passay - LengthComplexityRule

LengthComplexityRule 幫助根據密碼的長度定義適用的規則。請考慮以下策略。

如果密碼長度在 1 到 5 個字元之間，則只允許小寫字母。
如果密碼長度在 6 到 8 個字元之間，則只允許 a、b 和 c。

示例

以下示例演示了使用 Passay 庫根據上述策略驗證密碼。

import org.passay.AllowedCharacterRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthComplexityRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      LengthComplexityRule lengthComplexityRule = new LengthComplexityRule();
      //Rule: Password of 1 to 5 characters should contains lower case alphabets only
      lengthComplexityRule.addRules("[1,5]", 
         new CharacterRule(EnglishCharacterData.LowerCase, 5));
      //8 and 16 characters
      lengthComplexityRule.addRules("[6,8]", 
         new AllowedCharacterRule(new char[] { 'a', 'b', 'c' }));    
      PasswordValidator validator = new PasswordValidator(lengthComplexityRule);
      PasswordData password = new PasswordData("abcdef");
      RuleResult result = validator.validate(password);
      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [
Password contains the illegal character 'd'., 
Password contains the illegal character 'e'., 
Password contains the illegal character 'f'., 
Password meets 0 complexity rules, but 1 are required.]

Passay - IllegalCharacterRule

IllegalCharacterRule 允許指定密碼中不允許的字元。請考慮以下示例。

import org.passay.IllegalCharacterRule;
import org.passay.NumberRangeRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Special characters like &, <, > are not allowed in a password 
      IllegalCharacterRule illegalCharacterRule 
         = new IllegalCharacterRule(new char[] {'&', '<', '>'});

      //Rule: 1 to 5 numbers are not allowed
      NumberRangeRule numberRangeRule = new NumberRangeRule(1, 5);

      //Rule: White spaces are not allowed
      WhitespaceRule whitespaceRule = new WhitespaceRule();

      PasswordValidator validator 
         = new PasswordValidator(illegalCharacterRule,numberRangeRule,whitespaceRule);
      PasswordData password = new PasswordData("abc&4d  ef6");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [
Password contains the illegal character '&'.,
Password contains the number '4'.,
Password contains a whitespace character.]

Passay - NumberRangeRule

NumberRangeRule 允許指定密碼中不允許的數字範圍。請考慮以下示例。

import org.passay.IllegalCharacterRule;
import org.passay.NumberRangeRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Special characters like &, <, > are not allowed in a password 
      IllegalCharacterRule illegalCharacterRule 
         = new IllegalCharacterRule(new char[] {'&', '<', '>'});

      //Rule: 1 to 5 numbers are not allowed
      NumberRangeRule numberRangeRule = new NumberRangeRule(1, 5);

      //Rule: White spaces are not allowed
      WhitespaceRule whitespaceRule = new WhitespaceRule();

      PasswordValidator validator 
         = new PasswordValidator(illegalCharacterRule,numberRangeRule,whitespaceRule);
      PasswordData password = new PasswordData("abc&4d  ef6");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [
Password contains the illegal character '&'.,
Password contains the number '4'.,
Password contains a whitespace character.]

Passay - WhitespaceRule

WhitespaceRule 允許指定密碼中不允許使用空格。請考慮以下示例。

示例

import org.passay.IllegalCharacterRule;
import org.passay.NumberRangeRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Special characters like &, <, > are not allowed in a password 
      IllegalCharacterRule illegalCharacterRule 
         = new IllegalCharacterRule(new char[] {'&', '<', '>'});

      //Rule: 1 to 5 numbers are not allowed
      NumberRangeRule numberRangeRule = new NumberRangeRule(1, 5);

      //Rule: White spaces are not allowed
      WhitespaceRule whitespaceRule = new WhitespaceRule();

      PasswordValidator validator 
         = new PasswordValidator(illegalCharacterRule,numberRangeRule,whitespaceRule);
      PasswordData password = new PasswordData("abc&4d  ef6");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [
Password contains the illegal character '&'.,
Password contains the number '4'.,
Password contains a whitespace character.]

Passay - DictionaryRule

DictionaryRule 允許檢查某些單詞是否未指定為密碼。請考慮以下示例。

示例

import org.passay.DictionaryRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.dictionary.ArrayWordList;
import org.passay.dictionary.WordListDictionary;

public class PassayExample {
   public static void main(String[] args) {
      WordListDictionary wordListDictionary = new WordListDictionary(
         new ArrayWordList(new String[] { "password", "username" }));
      DictionaryRule dictionaryRule = new DictionaryRule(wordListDictionary);
      PasswordValidator validator 
         = new PasswordValidator(dictionaryRule);
      PasswordData password = new PasswordData("password");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [Password contains the dictionary word 'password'.]

Passay - DictionarySubstringRule

DictionarySubstringRule 允許檢查某些單詞是否不是密碼的一部分。請考慮以下示例。

示例

import org.passay.DictionarySubstringRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.dictionary.ArrayWordList;
import org.passay.dictionary.WordListDictionary;

public class PassayExample {
   public static void main(String[] args) {
      WordListDictionary wordListDictionary = new WordListDictionary(
         new ArrayWordList(new String[] { "password", "username" }));
      DictionarySubstringRule dictionaryRule = new DictionarySubstringRule(wordListDictionary);
      PasswordValidator validator 
         = new PasswordValidator(dictionaryRule);
      PasswordData password = new PasswordData("password@123");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [Password contains the dictionary word 'password'.]

Passay - HistoryRule

HistoryRule 允許檢查給定密碼在最近一段時間內是否未使用過。請考慮以下示例。

示例

import org.passay.HistoryRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.SourceRule;

public class PassayExample {
   public static void main(String[] args) {
      SourceRule sourceRule = new SourceRule();
      HistoryRule historyRule = new HistoryRule();
      PasswordValidator validator 
         = new PasswordValidator(sourceRule, historyRule);
      PasswordData password = new PasswordData("password@123");
      password.setPasswordReferences(
         new PasswordData.SourceReference("source", "password"), 
         new PasswordData.HistoricalReference("password@123")
      );
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [Password matches one of 1 previous passwords.]

Passay - RepeatCharacterRegexRule

RepeatCharacterRegexRule 允許檢查給定密碼是否重複了 ASCII 字元。請考慮以下示例。

示例

import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RepeatCharacterRegexRule;
import org.passay.Rule;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should not contain repeated entries
      Rule rule1 = new RepeatCharacterRegexRule(3);
      //8 and 16 characters
      Rule rule2 = new LengthRule(8, 16);    

      PasswordValidator validator = new PasswordValidator(rule1, rule2);
      PasswordData password = new PasswordData("aaefhehhhhh");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [Password matches the illegal pattern 'hhh'.]

Passay - UsernameRule

UsernameRule 確保密碼不包含使用者名稱。請考慮以下示例。

示例

import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.UsernameRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should not contain user-name
      Rule rule = new UsernameRule();
      
      PasswordValidator validator = new PasswordValidator(rule);
      PasswordData password = new PasswordData("microsoft");
      password.setUsername("micro");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

輸出

Invalid Password: [Password contains the user id 'micro'.]

列印頁面