Java的密码生成和验证库Passay − 快速指南

帕赛 − 概述

Passay是一个基于Java的密码生成和验证库。它提供了全面的功能列表，以便验证/生成密码，并且高度可配置。

帕赛组件

Passay API 有 3 个核心组件。

• 规则 - 定义密码策略规则集的一个或多个规则。

• PasswordValidator− 根据给定规则集验证密码的验证器组件。

• PasswordGenerator− 生成密码以满足给定规则集的生成器组件。

规则概述

规则是密码验证和生成的基础块。规则分为两大类：

• 正匹配要求密码满足规则。

• 负匹配拒绝满足规则的密码。

特征

以下是 Passay 库提供的一些功能。

• 密码验证Passay 库通过根据可配置的规则集验证密码来帮助实施密码策略。它为常见用例提供了一组丰富的现有规则。对于其他情况，它提供了一个简单的规则接口来实现自定义规则。

• 密码生成 - 它提供了一个可配置的规则集，也可用于生成密码。

• 命令行工具− 它提供了自动执行密码策略的工具。

• 方便 - 易于使用。

• 可扩展 - 所有 Passay 组件都是可扩展的。

• 支持内部化 - Passay组件已准备好国际化。

帕赛 − 环境设置

设置爪哇

如果您仍然愿意为 Java 编程语言设置环境，那么本节将指导您如何在计算机上下载和设置 Java。请按照下面提到的步骤设置环境。

Java SE可从下载Java链接免费获得。因此，您可以下载基于操作系统的版本。

按照说明下载 Java 并运行 .exe以在您的计算机上安装 Java。在计算机上安装 Java 后，您需要设置环境变量以指向正确的安装目录 -

设置 Windows 2000/XP 的路径

我们假设您已经在c：\Program Files\java\jdk目录中安装了 Java −

• 右键单击“我的电脑”，然后选择“属性”。

• 单击“高级”选项卡下的“环境变量”按钮。

• 现在，更改“Path”变量，使其也包含 Java 可执行文件的路径。例如，如果路径当前设置为“C：\WINDOWS\SYSTEM32”，则将路径更改为“C：\WINDOWS\SYSTEM32;c：\Program Files\java\jdk\bin”。

设置 Windows 95/98/ME 的路径

我们假设您已经在c：\Program Files\java\jdk目录中安装了 Java −

• 编辑“C：\autoexec.bat”文件，并在末尾添加以下行 − 'SET PATH=%PATH%;C：\Program Files\java\jdk\bin'

为 Linux、UNIX、Solaris、FreeBSD 设置路径

环境变量 PATH 应设置为指向安装 Java 二进制文件的位置。如果您在执行此操作时遇到问题，请参阅您的 shell 文档。

例如，如果您使用 bash 作为 shell，那么您可以在“.bashrc： export PATH=/path/to/java：$PATH”的末尾添加以下行

流行的 Java 编辑器

要编写 Java 程序，您需要一个文本编辑器。市场上有许多复杂的IDE。但是现在，您可以考虑以下之一 -

• 记事本 - 在Windows机器上，您可以使用任何简单的文本编辑器，如记事本（推荐用于本教程），文本板。

• Netbeans - 它是一个开源且免费的Java IDE，可以从Welcome to Apache NetBeans 下载。

• Eclipse− 它也是由 eclipse 开源社区开发的 Java IDE，可以从The Community for Open Innovation and Collaboration | The Eclipse Foundation 下载。

下载帕赛档案

从Maven存储库下载最新版本的Passay jar文件。在本教程中，passay-1.6.1.jar 被下载并复制到 C：\> passay 文件夹中。

设置帕赛环境

将PASSAY环境变量设置为指向计算机上存储 Passay jar 的基目录位置。假设我们已经在各种操作系统上的Passay文件夹中提取了passay-1.6.1.jar，如下所示。

设置类路径变量

将CLASSPATH环境变量设置为指向 Passay jar 位置。假设您已将passay-1.6.1.jar存储在各种操作系统上的Passay文件夹中，如下所示。

帕赛 - 密码验证

典型的密码策略包含一组规则，用于检查密码是否符合组织规则。请考虑以下策略：

• 密码长度应在 8 到 16 个字符之间。

• 密码不应包含任何空格。

• 密码应包含以下各项：大写、小写、数字和符号。

例

以下示例显示了使用 Passay 库根据上述策略验证密码。

import java.util.ArrayList;
import java.util.List;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
    public static void main(String[] args) {
        
        List rules = new ArrayList<>();        
        //Rule 1: Password length should be in between 
        //8 and 16 characters
        rules.add(new LengthRule(8, 16));        
        //Rule 2: No whitespace allowed
        rules.add(new WhitespaceRule());        
        //Rule 3.a: At least one Upper-case character
        rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
        //Rule 3.b: At least one Lower-case character
        rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
        //Rule 3.c: At least one digit
        rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));        
        //Rule 3.d: At least one special character
        rules.add(new CharacterRule(EnglishCharacterData.Special, 1));
        
        PasswordValidator validator = new PasswordValidator(rules);        
        PasswordData password = new PasswordData("Microsoft@123");        
        RuleResult result = validator.validate(password);
        
        if(result.isValid()){
            System.out.println("Password validated.");
        }else{
            System.out.println("Invalid Password: " + validator.getMessages(result));            
        }
    }
}

输出

Password validated.

Passay - 定制消息

Passay 库提供了一个消息解析器 API 来覆盖验证器使用的默认消息。它可以采用自定义属性文件的路径，并使用标准键覆盖所需的消息。

例

以下示例显示了密码的验证，并显示了使用 Passay 库的自定义消息。

消息.属性

INSUFFICIENT_UPPERCASE=Password missing at least %1$s uppercase characters.

帕赛示例.java

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.MessageResolver;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.PropertiesMessageResolver;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      List rules = new ArrayList<>();
      rules.add(new LengthRule(8, 16));
      rules.add(new WhitespaceRule());
      rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));
      rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));
      rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));
      rules.add(new CharacterRule(EnglishCharacterData.Special, 1));

      Properties props = new Properties();
      props.load(new FileInputStream("E:/Test/messages.properties"));
      MessageResolver resolver = new PropertiesMessageResolver(props);

      PasswordValidator validator = new PasswordValidator(resolver, rules);
      PasswordData password = new PasswordData("microsoft@123");
      RuleResult result = validator.validate(password);
      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password missing at least 1 uppercase characters.]

帕赛 − N 法则中的 M

很多时候，密码策略强制要求遵守给定规则中的最小规则，例如密码必须至少符合 M of N 规则。请考虑以下策略。

• 密码长度应在 8 到 16 个字符之间。

• 密码不应包含任何空格。

• 密码应至少包含以下三项：大写、小写、数字或符号。

例

以下示例显示了使用 Passay 库根据上述策略验证密码。

import java.io.FileNotFoundException;
import java.io.IOException;

import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      //Rule 1: Password length should be in between 
      //8 and 16 characters
      Rule rule1 = new LengthRule(8, 16);        
      //Rule 2: No whitespace allowed
      Rule rule2 = new WhitespaceRule();        
      CharacterCharacteristicsRule rule3 = new CharacterCharacteristicsRule();        
      //M - Mandatory characters count
      rule3.setNumberOfCharacteristics(3);        
      //Rule 3.a: One Upper-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
      //Rule 3.b: One Lower-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
      //Rule 3.c: One digit
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Digit, 1));        
      //Rule 3.d: One special character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Special, 1));

      PasswordValidator validator = new PasswordValidator(rule1, rule2, rule3);        
      PasswordData password = new PasswordData("microsoft@123");        
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Password validated.

帕赛 - 密码生成

密码生成器有助于使用给定的策略生成密码。请考虑以下策略-

• 密码长度应为 8 个字符。

• 密码应包含以下各项：大写、小写、数字和符号。

例

以下示例显示了使用 Passay 库根据上述策略生成密码。

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.PasswordGenerator;

public class PassayExample {
   public static void main(String[] args) {
      CharacterRule alphabets = new CharacterRule(EnglishCharacterData.Alphabetical);
      CharacterRule digits = new CharacterRule(EnglishCharacterData.Digit);
      CharacterRule special = new CharacterRule(EnglishCharacterData.Special);

      PasswordGenerator passwordGenerator = new PasswordGenerator();
      String password = passwordGenerator.generatePassword(8, alphabets, digits, special);
      System.out.println(password);
   }
}

输出

?\DE~@c3

Passay - AllowedCharacterRule

AllowedCharacterRule允许指定密码可以包含的字符。请考虑以下示例。

例

以下示例显示了使用 Passay 库根据上述策略验证密码。

import org.passay.AllowedCharacterRule;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should contains only a, b and c       
      Rule rule1 = new AllowedCharacterRule(new char[] {'a', 'b', 'c'});
      //8 and 16 characters
      Rule rule2 = new LengthRule(8, 16);    

      PasswordValidator validator = new PasswordValidator(rule1, rule2);
      PasswordData password = new PasswordData("abcabcab1");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password contains the illegal character '1'.]

Passay − AllowedRegexRule

AllowedRegexRule允许指定密码应满足的常规模式。请考虑以下示例。

例

以下示例显示了使用 Passay 库根据上述策略验证密码。

import org.passay.AllowedRegexRule;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should contains alphabets only
      Rule rule1 = new AllowedRegexRule("^[A-Za-z]+$");
      //8 and 16 characters
      Rule rule2 = new LengthRule(8, 16);    

      PasswordValidator validator = new PasswordValidator(rule1, rule2);
      PasswordData password = new PasswordData("microsoft@123");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password must match pattern '^[A-Za-z]+$'.]

帕赛 − 字符规则

字符规则有助于定义一组字符和最小编号。密码中所需的字符数。

例

以下示例显示了使用 Passay 库根据上述策略验证密码。

import java.util.ArrayList;
import java.util.List;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
    public static void main(String[] args) {
        
        List rules = new ArrayList<>();        
        //Rule 1: Password length should be in between 
        //8 and 16 characters
        rules.add(new LengthRule(8, 16));        
        //Rule 2: No whitespace allowed
        rules.add(new WhitespaceRule());        
        //Rule 3.a: At least one Upper-case character
        rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
        //Rule 3.b: At least one Lower-case character
        rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
        //Rule 3.c: At least one digit
        rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));        
        //Rule 3.d: At least one special character
        rules.add(new CharacterRule(EnglishCharacterData.Special, 1));
        
        PasswordValidator validator = new PasswordValidator(rules);        
        PasswordData password = new PasswordData("Microsoft@123");        
        RuleResult result = validator.validate(password);
        
        if(result.isValid()){
            System.out.println("Password validated.");
        }else{
            System.out.println("Invalid Password: " + validator.getMessages(result));            
        }
    }
}

输出

Password validated.

帕赛 − 长度规则

长度规则有助于定义密码的最小和最大长度。

例

以下示例显示了使用 Passay 库根据上述策略验证密码。

import java.util.ArrayList;
import java.util.List;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
    public static void main(String[] args) {
        
        List rules = new ArrayList<>();        
        //Rule 1: Password length should be in between 
        //8 and 16 characters
        rules.add(new LengthRule(8, 16));        
        //Rule 2: No whitespace allowed
        rules.add(new WhitespaceRule());        
        //Rule 3.a: At least one Upper-case character
        rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
        //Rule 3.b: At least one Lower-case character
        rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
        //Rule 3.c: At least one digit
        rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));        
        //Rule 3.d: At least one special character
        rules.add(new CharacterRule(EnglishCharacterData.Special, 1));
        
        PasswordValidator validator = new PasswordValidator(rules);        
        PasswordData password = new PasswordData("Microsoft@123");        
        RuleResult result = validator.validate(password);
        
        if(result.isValid()){
            System.out.println("Password validated.");
        }else{
            System.out.println("Invalid Password: " + validator.getMessages(result));            
        }
    }
}

输出

Password validated.

帕赛 − 性格特征规则

CharacterFeaturesRule有助于定义密码是否满足给定的N个定义的规则。

例

以下示例显示了使用 Passay 库根据上述策略验证密码。

import java.io.FileNotFoundException;
import java.io.IOException;

import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      //Rule 1: Password length should be in between 
      //8 and 16 characters
      Rule rule1 = new LengthRule(8, 16);        
      //Rule 2: No whitespace allowed
      Rule rule2 = new WhitespaceRule();        
      CharacterCharacteristicsRule rule3 = new CharacterCharacteristicsRule();        
      //M - Mandatory characters count
      rule3.setNumberOfCharacteristics(3);        
      //Rule 3.a: One Upper-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
      //Rule 3.b: One Lower-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
      //Rule 3.c: One digit
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Digit, 1));        
      //Rule 3.d: One special character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Special, 1));

      PasswordValidator validator = new PasswordValidator(rule1, rule2, rule3);        
      PasswordData password = new PasswordData("microsoft@123");        
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Password validated.

Passay − LengthComplexityRule

LengthComplexityRule有助于根据密码的长度定义密码的适用规则。请考虑以下策略。

• 如果密码长度在 1 到 5 个字符之间，则只允许使用小写字母。

• 如果密码长度在 6 到 8 个字符之间，则只允许使用 a、b 和 c。

例

以下示例显示了使用 Passay 库根据上述策略验证密码。

import org.passay.AllowedCharacterRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthComplexityRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      LengthComplexityRule lengthComplexityRule = new LengthComplexityRule();
      //Rule: Password of 1 to 5 characters should contains lower case alphabets only
      lengthComplexityRule.addRules("[1,5]", 
         new CharacterRule(EnglishCharacterData.LowerCase, 5));
      //8 and 16 characters
      lengthComplexityRule.addRules("[6,8]", 
         new AllowedCharacterRule(new char[] { 'a', 'b', 'c' }));    
      PasswordValidator validator = new PasswordValidator(lengthComplexityRule);
      PasswordData password = new PasswordData("abcdef");
      RuleResult result = validator.validate(password);
      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [
Password contains the illegal character 'd'., 
Password contains the illegal character 'e'., 
Password contains the illegal character 'f'., 
Password meets 0 complexity rules, but 1 are required.]

帕赛 - 非法字符规则

非法字符规则允许指定密码中不允许的字符。请考虑以下示例。

import org.passay.IllegalCharacterRule;
import org.passay.NumberRangeRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Special characters like &, <, > are not allowed in a password 
      IllegalCharacterRule illegalCharacterRule 
         = new IllegalCharacterRule(new char[] {'&', '<', '>'});

      //Rule: 1 to 5 numbers are not allowed
      NumberRangeRule numberRangeRule = new NumberRangeRule(1, 5);

      //Rule: White spaces are not allowed
      WhitespaceRule whitespaceRule = new WhitespaceRule();

      PasswordValidator validator 
         = new PasswordValidator(illegalCharacterRule,numberRangeRule,whitespaceRule);
      PasswordData password = new PasswordData("abc&4d  ef6");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [
Password contains the illegal character '&'.,
Password contains the number '4'.,
Password contains a whitespace character.]

Passay − NumberRangeRule

NumberRangeRule允许指定密码中不允许的数字范围。请考虑以下示例。

import org.passay.IllegalCharacterRule;
import org.passay.NumberRangeRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Special characters like &, <, > are not allowed in a password 
      IllegalCharacterRule illegalCharacterRule 
         = new IllegalCharacterRule(new char[] {'&', '<', '>'});

      //Rule: 1 to 5 numbers are not allowed
      NumberRangeRule numberRangeRule = new NumberRangeRule(1, 5);

      //Rule: White spaces are not allowed
      WhitespaceRule whitespaceRule = new WhitespaceRule();

      PasswordValidator validator 
         = new PasswordValidator(illegalCharacterRule,numberRangeRule,whitespaceRule);
      PasswordData password = new PasswordData("abc&4d  ef6");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [
Password contains the illegal character '&'.,
Password contains the number '4'.,
Password contains a whitespace character.]

Passay − WhitespaceRule

WhitespaceRule允许指定密码中不允许使用空格。请考虑以下示例。

例

import org.passay.IllegalCharacterRule;
import org.passay.NumberRangeRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Special characters like &, <, > are not allowed in a password 
      IllegalCharacterRule illegalCharacterRule 
         = new IllegalCharacterRule(new char[] {'&', '<', '>'});

      //Rule: 1 to 5 numbers are not allowed
      NumberRangeRule numberRangeRule = new NumberRangeRule(1, 5);

      //Rule: White spaces are not allowed
      WhitespaceRule whitespaceRule = new WhitespaceRule();

      PasswordValidator validator 
         = new PasswordValidator(illegalCharacterRule,numberRangeRule,whitespaceRule);
      PasswordData password = new PasswordData("abc&4d  ef6");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [
Password contains the illegal character '&'.,
Password contains the number '4'.,
Password contains a whitespace character.]

帕赛 − 字典规则

字典规则允许检查某些单词是否未指定为密码。请考虑以下示例。

例

import org.passay.DictionaryRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.dictionary.ArrayWordList;
import org.passay.dictionary.WordListDictionary;

public class PassayExample {
   public static void main(String[] args) {
      WordListDictionary wordListDictionary = new WordListDictionary(
         new ArrayWordList(new String[] { "password", "username" }));
      DictionaryRule dictionaryRule = new DictionaryRule(wordListDictionary);
      PasswordValidator validator 
         = new PasswordValidator(dictionaryRule);
      PasswordData password = new PasswordData("password");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password contains the dictionary word 'password'.]

Passay − 字典子字符串规则

字典子字符串规则允许检查某些单词是否不是密码的一部分。请考虑以下示例。

例

import org.passay.DictionarySubstringRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.dictionary.ArrayWordList;
import org.passay.dictionary.WordListDictionary;

public class PassayExample {
   public static void main(String[] args) {
      WordListDictionary wordListDictionary = new WordListDictionary(
         new ArrayWordList(new String[] { "password", "username" }));
      DictionarySubstringRule dictionaryRule = new DictionarySubstringRule(wordListDictionary);
      PasswordValidator validator 
         = new PasswordValidator(dictionaryRule);
      PasswordData password = new PasswordData("password@123");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password contains the dictionary word 'password'.]

帕赛 − 历史规则

历史规则允许检查给定的密码是否在最近的过去没有使用过。请考虑以下示例。

例

import org.passay.HistoryRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.SourceRule;

public class PassayExample {
   public static void main(String[] args) {
      SourceRule sourceRule = new SourceRule();
      HistoryRule historyRule = new HistoryRule();
      PasswordValidator validator 
         = new PasswordValidator(sourceRule, historyRule);
      PasswordData password = new PasswordData("password@123");
      password.setPasswordReferences(
         new PasswordData.SourceReference("source", "password"), 
         new PasswordData.HistoricalReference("password@123")
      );
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password matches one of 1 previous passwords.]

Passay − RepeatCharacterRegexRule

RepeatCharacterRegexRule允许检查给定的密码是否有重复的ASCII字符。请考虑以下示例。

例

import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RepeatCharacterRegexRule;
import org.passay.Rule;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should not contain repeated entries
      Rule rule1 = new RepeatCharacterRegexRule(3);
      //8 and 16 characters
      Rule rule2 = new LengthRule(8, 16);    

      PasswordValidator validator = new PasswordValidator(rule1, rule2);
      PasswordData password = new PasswordData("aaefhehhhhh");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password matches the illegal pattern 'hhh'.]

Passay − 用户名规则

用户名规则确保密码不包含用户名。请考虑以下示例。

例

import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.UsernameRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should not contain user-name
      Rule rule = new UsernameRule();
      
      PasswordValidator validator = new PasswordValidator(rule);
      PasswordData password = new PasswordData("microsoft");
      password.setUsername("micro");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password contains the user id 'micro'.]