예제 #1
0
  @Transient
  @JsonIgnore
  public boolean isAccountLocked() throws BaseException {

    PasswordPolicy passwordPolicy = passwordPolicyRepoImpl.getPolicy();

    return (failCount > passwordPolicy.getMaxWrongPass());
  }
  @Override
  public void validate(String password) throws BaseException {

    if (password.isEmpty()) {

      throw new DubbyInvalidPasswordException(
          securityDictionary.constructString("security.error.password.empty"));
    }

    Pattern alpha = Pattern.compile("[\\w]");
    Pattern numeric = Pattern.compile("[\\d]");
    Pattern special = Pattern.compile("[\\W_]");

    Matcher mAlpha = alpha.matcher(password);
    Matcher mNum = numeric.matcher(password);
    Matcher mSpecial = special.matcher(password);

    try {

      PasswordPolicy passwordPolicy = passwordPolicyRepo.getPolicy();

      if (passwordPolicy.getMustContainAlpha() && !mAlpha.find()) {
        throw new DubbyInvalidPasswordException(
            securityDictionary.constructString("security.error.password.not.contain.alpha"));
      } else if (passwordPolicy.getMustContainNumber() && !mNum.find()) {
        throw new DubbyInvalidPasswordException(
            securityDictionary.constructString("security.error.password.not.contain.number"));
      } else if (passwordPolicy.getMustContainSpecial() && !mSpecial.find()) {
        throw new DubbyInvalidPasswordException(
            securityDictionary.constructString(
                "security.error.password.not.contain.special.character"));
      } else if ((passwordPolicy.getMinPasswordLength().compareTo(new Short("0")) > 0)
          && (password.length() < passwordPolicy.getMinPasswordLength())) {
        throw new DubbyInvalidPasswordException(
            securityDictionary.constructString(
                "security.error.password.too.short", passwordPolicy.getMinPasswordLength()));

      } else if ((passwordPolicy.getMaxPasswordLength().compareTo(new Short("0")) > 0)
          && (password.length() > passwordPolicy.getMaxPasswordLength())) {

        throw new DubbyInvalidPasswordException(
            securityDictionary.constructString(
                "security.error.password.too.long", passwordPolicy.getMaxPasswordLength()));
      }
    } catch (Exception e) {

      if (e instanceof DubbyInvalidPasswordException) {

        throw e;
      }

      throw new DubbyInvalidPasswordException(
          securityDictionary.constructString("security.error.password.unknown"), e);
    }
  }