From 36262999dfccd4bca88ab67854db10b36e47fe0c Mon Sep 17 00:00:00 2001 From: Alessandro Boch Date: Tue, 24 Sep 2013 10:03:19 -0700 Subject: [PATCH] Strong password check to consider underscore as a special character ISSUE: Current strong password check regular expression does not consider '_' as a special character Change-Id: Ib64fe2e94c1e6c76f24d42bd256f3e708f40d1cc Signed-off-by: Alessandro Boch --- .../org/opendaylight/controller/usermanager/UserConfig.java | 2 +- .../controller/usermanager/AuthorizationUserConfigTest.java | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/opendaylight/usermanager/api/src/main/java/org/opendaylight/controller/usermanager/UserConfig.java b/opendaylight/usermanager/api/src/main/java/org/opendaylight/controller/usermanager/UserConfig.java index 07c814adf1..2e03db1655 100644 --- a/opendaylight/usermanager/api/src/main/java/org/opendaylight/controller/usermanager/UserConfig.java +++ b/opendaylight/usermanager/api/src/main/java/org/opendaylight/controller/usermanager/UserConfig.java @@ -38,7 +38,7 @@ public class UserConfig implements Serializable { private static final boolean strongPasswordCheck = Boolean.getBoolean("enableStrongPasswordCheck"); private static final String BAD_PASSWORD = "Bad Password"; private static final int USERNAME_MAXLENGTH = 32; - protected static final String PASSWORD_REGEX = "(?=.*[^\\w])(?=.*\\d)(?=.*[a-z])(?=.*[A-Z]).{8,256}$"; + protected static final String PASSWORD_REGEX = "(?=.*[^a-zA-Z0-9])(?=.*\\d)(?=.*[a-z])(?=.*[A-Z]).{8,256}$"; private static final Pattern INVALID_USERNAME_CHARACTERS = Pattern.compile("([/\\s\\.\\?#%;\\\\]+)"); private static MessageDigest oneWayFunction = null; static { diff --git a/opendaylight/usermanager/api/src/test/java/org/opendaylight/controller/usermanager/AuthorizationUserConfigTest.java b/opendaylight/usermanager/api/src/test/java/org/opendaylight/controller/usermanager/AuthorizationUserConfigTest.java index 8c029a7488..4c377271dc 100644 --- a/opendaylight/usermanager/api/src/test/java/org/opendaylight/controller/usermanager/AuthorizationUserConfigTest.java +++ b/opendaylight/usermanager/api/src/test/java/org/opendaylight/controller/usermanager/AuthorizationUserConfigTest.java @@ -153,5 +153,9 @@ public class AuthorizationUserConfigTest { // No special characters password = "aBc4ef7H8"; assertFalse(password.matches(regex)); + + // Underscore is a special character + password = "Azmb_123 "; + assertTrue(password.matches(regex)); } } -- 2.36.6