ISSUE:
Current strong password check regular expression does not consider '_' as a special character
Change-Id: Ib64fe2e94c1e6c76f24d42bd256f3e708f40d1cc
Signed-off-by: Alessandro Boch <aboch@cisco.com>
private static final boolean strongPasswordCheck = Boolean.getBoolean("enableStrongPasswordCheck");
private static final String BAD_PASSWORD = "Bad Password";
private static final int USERNAME_MAXLENGTH = 32;
private static final boolean strongPasswordCheck = Boolean.getBoolean("enableStrongPasswordCheck");
private static final String BAD_PASSWORD = "Bad Password";
private static final int USERNAME_MAXLENGTH = 32;
- protected static final String PASSWORD_REGEX = "(?=.*[^\\w])(?=.*\\d)(?=.*[a-z])(?=.*[A-Z]).{8,256}$";
+ protected static final String PASSWORD_REGEX = "(?=.*[^a-zA-Z0-9])(?=.*\\d)(?=.*[a-z])(?=.*[A-Z]).{8,256}$";
private static final Pattern INVALID_USERNAME_CHARACTERS = Pattern.compile("([/\\s\\.\\?#%;\\\\]+)");
private static MessageDigest oneWayFunction = null;
static {
private static final Pattern INVALID_USERNAME_CHARACTERS = Pattern.compile("([/\\s\\.\\?#%;\\\\]+)");
private static MessageDigest oneWayFunction = null;
static {
// No special characters
password = "aBc4ef7H8";
assertFalse(password.matches(regex));
// No special characters
password = "aBc4ef7H8";
assertFalse(password.matches(regex));
+
+ // Underscore is a special character
+ password = "Azmb_123 ";
+ assertTrue(password.matches(regex));