@Transient
@JsonIgnore
public boolean isAccountLocked() throws BaseException {
PasswordPolicy passwordPolicy = passwordPolicyRepoImpl.getPolicy();
return (failCount > passwordPolicy.getMaxWrongPass());
}
@Override
public void validate(String password) throws BaseException {
if (password.isEmpty()) {
throw new DubbyInvalidPasswordException(
securityDictionary.constructString("security.error.password.empty"));
}
Pattern alpha = Pattern.compile("[\\w]");
Pattern numeric = Pattern.compile("[\\d]");
Pattern special = Pattern.compile("[\\W_]");
Matcher mAlpha = alpha.matcher(password);
Matcher mNum = numeric.matcher(password);
Matcher mSpecial = special.matcher(password);
try {
PasswordPolicy passwordPolicy = passwordPolicyRepo.getPolicy();
if (passwordPolicy.getMustContainAlpha() && !mAlpha.find()) {
throw new DubbyInvalidPasswordException(
securityDictionary.constructString("security.error.password.not.contain.alpha"));
} else if (passwordPolicy.getMustContainNumber() && !mNum.find()) {
throw new DubbyInvalidPasswordException(
securityDictionary.constructString("security.error.password.not.contain.number"));
} else if (passwordPolicy.getMustContainSpecial() && !mSpecial.find()) {
throw new DubbyInvalidPasswordException(
securityDictionary.constructString(
"security.error.password.not.contain.special.character"));
} else if ((passwordPolicy.getMinPasswordLength().compareTo(new Short("0")) > 0)
&& (password.length() < passwordPolicy.getMinPasswordLength())) {
throw new DubbyInvalidPasswordException(
securityDictionary.constructString(
"security.error.password.too.short", passwordPolicy.getMinPasswordLength()));
} else if ((passwordPolicy.getMaxPasswordLength().compareTo(new Short("0")) > 0)
&& (password.length() > passwordPolicy.getMaxPasswordLength())) {
throw new DubbyInvalidPasswordException(
securityDictionary.constructString(
"security.error.password.too.long", passwordPolicy.getMaxPasswordLength()));
}
} catch (Exception e) {
if (e instanceof DubbyInvalidPasswordException) {
throw e;
}
throw new DubbyInvalidPasswordException(
securityDictionary.constructString("security.error.password.unknown"), e);
}
}