Package org.opencms.security

Class CmsAdvancedPasswordHandler

java.lang.Object

org.opencms.security.CmsDefaultPasswordHandler

org.opencms.security.CmsAdvancedPasswordHandler

All Implemented Interfaces:

I_CmsConfigurationParameterHandler, I_CmsPasswordGenerator, I_CmsPasswordHandler, I_CmsPasswordSecurityEvaluator

public class CmsAdvancedPasswordHandler
extends CmsDefaultPasswordHandler

Validates the user passwords in with advanced password requirements.

Nested Class Summary

Nested classes/interfaces inherited from interface org.opencms.security.I_CmsPasswordSecurityEvaluator

I_CmsPasswordSecurityEvaluator.SecurityLevel

Field Summary

Fields inherited from class org.opencms.security.CmsDefaultPasswordHandler

PARAM_SCRYPT_FALLBACK, PARAM_SCRYPT_SETTINGS, PASSWORD_MIN_LENGTH, PASSWORD_SECURE_LENGTH

Fields inherited from interface org.opencms.configuration.I_CmsConfigurationParameterHandler

ADD_PARAMETER_METHOD, INIT_CONFIGURATION_METHOD

Fields inherited from interface org.opencms.security.I_CmsPasswordHandler

CONVERT_DIGEST_ENCODING, DIGEST_TYPE_MD5, DIGEST_TYPE_PLAIN, DIGEST_TYPE_SCRYPT, DIGEST_TYPE_SHA, DIGEST_TYPE_SSHA

Constructor Summary

Constructors

Constructor	Description
CmsAdvancedPasswordHandler()

Method Summary

Modifier and Type	Method	Description
I_CmsPasswordSecurityEvaluator.SecurityLevel	evaluatePasswordSecurity(String password)	Evaluates the given password security.
String	getPasswordSecurityHint(Locale locale)	Returns a hint describing how to set a secure password.
void	validatePassword(String password)	This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.

Methods inherited from class org.opencms.security.CmsDefaultPasswordHandler

addConfigurationParameter, checkPassword, digest, digest, getConfiguration, getDigestType, getInputEncoding, getRandomPassword, initConfiguration, setDigestType, setInputEncoding

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CmsAdvancedPasswordHandler

public CmsAdvancedPasswordHandler()

Method Details

evaluatePasswordSecurity

public I_CmsPasswordSecurityEvaluator.SecurityLevel evaluatePasswordSecurity(String password)

Description copied from interface: I_CmsPasswordSecurityEvaluator

Evaluates the given password security.

Specified by:

evaluatePasswordSecurity in interface I_CmsPasswordSecurityEvaluator

Overrides:

evaluatePasswordSecurity in class CmsDefaultPasswordHandler

Parameters:

password - the password

Returns:

the security level as a number between 0 and 1, 0 meaning a low security and 1 a strong security

See Also:

• I_CmsPasswordSecurityEvaluator.evaluatePasswordSecurity(java.lang.String)

getPasswordSecurityHint

public String getPasswordSecurityHint(Locale locale)

Description copied from interface: I_CmsPasswordSecurityEvaluator

Returns a hint describing how to set a secure password.

Specified by:

getPasswordSecurityHint in interface I_CmsPasswordSecurityEvaluator

Overrides:

getPasswordSecurityHint in class CmsDefaultPasswordHandler

Parameters:

locale - the locale

Returns:

the password security hint

See Also:

• I_CmsPasswordSecurityEvaluator.getPasswordSecurityHint(java.util.Locale)

validatePassword

public void validatePassword(String password)
                      throws CmsSecurityException

Description copied from interface: I_CmsPasswordHandler

This method checks if a new password follows the rules for new passwords, which are defined by a Class configured in the opencms.properties file.

If this method throws no exception the password is valid.

Specified by:

validatePassword in interface I_CmsPasswordHandler

Overrides:

validatePassword in class CmsDefaultPasswordHandler

Parameters:

password - the password to check

Throws:

CmsSecurityException - if validation of the password failed

See Also:

• I_CmsPasswordHandler.validatePassword(java.lang.String)