Passay - 快速指南

Passay - 概述

Passay 是一个基于 Java 的密码生成和验证库。它提供了全面的功能列表，用于验证/生成密码，并且高度可配置。

Passay 组件

Passay API 有 3 个核心组件。

规则 - 一条或多条规则，定义密码策略规则集。
PasswordValidator - 一个验证组件，根据给定的规则集验证密码。
PasswordGenerator - 一个生成组件，生成满足给定规则集的密码。

规则概述

规则是密码验证和生成的基石。规则主要分为两大类：

正则匹配要求密码满足规则。
负则匹配拒绝满足规则的密码。

特性

以下是 Passay 库提供的一些特性。

密码验证 Passay 库通过根据可配置的规则集验证密码来帮助执行密码策略。它有一套丰富的现有规则，适用于常见的用例。对于其他情况，它提供了一个简单的 Rule 接口来实现自定义规则。
密码生成 - 它提供了一个可配置的规则集，也可以用于生成密码。
命令行工具 - 它提供工具来自动执行密码策略。
方便 - 易于使用。
可扩展 - 所有 Passay 组件都是可扩展的。
支持国际化 - Passay 组件已准备好进行国际化。

Passay - 环境设置

设置 Java

如果您仍然希望为 Java 编程语言设置环境，那么本节将指导您如何在机器上下载和设置 Java。请按照下面提到的步骤设置环境。

Java SE 可从以下链接免费获得下载 Java。因此，您可以根据您的操作系统下载一个版本。

按照说明下载 Java 并运行.exe 文件以在您的机器上安装 Java。在您的机器上安装 Java 后，您需要设置环境变量以指向正确的安装目录 -

为 Windows 2000/XP 设置路径

我们假设您已将 Java 安装在c:\Program Files\java\jdk 目录中 -

右键单击“我的电脑”，然后选择“属性”。
在“高级”选项卡下单击“环境变量”按钮。
现在，修改“Path”变量，使其还包含 Java 可执行文件的路径。例如，如果路径当前设置为“C:\WINDOWS\SYSTEM32”，则将路径更改为“C:\WINDOWS\SYSTEM32;c:\Program Files\java\jdk\bin”。

为 Windows 95/98/ME 设置路径

我们假设您已将 Java 安装在c:\Program Files\java\jdk 目录中 -

编辑“C:\autoexec.bat”文件，并在末尾添加以下行 - 'SET PATH=%PATH%;C:\Program Files\java\jdk\bin'

为 Linux、UNIX、Solaris、FreeBSD 设置路径

环境变量 PATH 应设置为指向 Java 二进制文件安装的位置。如果您在执行此操作时遇到问题，请参阅您的 shell 文档。

例如，如果您使用 bash 作为您的 shell，则您将在“.bashrc”的末尾添加以下行：export PATH=/path/to/java:$PATH'

流行的 Java 编辑器

要编写 Java 程序，您需要一个文本编辑器。市场上有很多复杂的 IDE 可用。但目前，您可以考虑以下其中一项 -

记事本 - 在 Windows 机器上，您可以使用任何简单的文本编辑器，如记事本（推荐用于本教程）、TextPad。
Netbeans - 它是一个开源且免费的 Java IDE，可以从 https://www.netbeans.org/index.html 下载。
Eclipse - 它也是由 Eclipse 开源社区开发的 Java IDE，可以从 https://www.eclipse.org/ 下载。

下载 Passay 归档文件

从 Maven 存储库 - 下载最新版本的 Passay jar 文件。在本教程中，passay-1.6.1.jar 被下载并复制到 C:\> passay 文件夹中。

操作系统	归档文件名
Windows	passay-1.6.1.jar
Linux	passay-1.6.1.jar
Mac	passay-1.6.1.jar

设置 Passay 环境

设置PASSAY环境变量以指向 Passay jar 存储在您机器上的基本目录位置。假设，我们在各种操作系统上的 Passay 文件夹中提取了 passay-1.6.1.jar，如下所示。

操作系统	输出
Windows	将环境变量 PASSAY 设置为 C:\Passay
Linux	export PASSAY=/usr/local/Passay
Mac	export PASSAY=/Library/Passay

设置 CLASSPATH 变量

设置CLASSPATH环境变量以指向 Passay jar 的位置。假设，您已将 passay-1.6.1.jar 存储在各种操作系统上的 Passay 文件夹中，如下所示。

操作系统	输出
Windows	将环境变量 CLASSPATH 设置为 %CLASSPATH%;%Passay%\passay-1.6.1.jar;.;
Linux	export CLASSPATH=$CLASSPATH:$PASSAY/passay-1.6.1.jar:.
Mac	export CLASSPATH=$CLASSPATH:$PASSAY/passay-1.6.1.jar:.

Passay - 密码验证

典型的密码策略包含一组规则，用于检查密码是否符合组织规则。请考虑以下策略

密码长度应在 8 到 16 个字符之间。
密码不能包含任何空格。
密码应包含以下每个字符：大写字母、小写字母、数字和符号。

示例

以下示例演示了使用 Passay 库根据上述策略验证密码。

import java.util.ArrayList;
import java.util.List;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
    public static void main(String[] args) {
        
        List<Rule> rules = new ArrayList<>();        
        //Rule 1: Password length should be in between 
        //8 and 16 characters
        rules.add(new LengthRule(8, 16));        
        //Rule 2: No whitespace allowed
        rules.add(new WhitespaceRule());        
        //Rule 3.a: At least one Upper-case character
        rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
        //Rule 3.b: At least one Lower-case character
        rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
        //Rule 3.c: At least one digit
        rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));        
        //Rule 3.d: At least one special character
        rules.add(new CharacterRule(EnglishCharacterData.Special, 1));
        
        PasswordValidator validator = new PasswordValidator(rules);        
        PasswordData password = new PasswordData("Microsoft@123");        
        RuleResult result = validator.validate(password);
        
        if(result.isValid()){
            System.out.println("Password validated.");
        }else{
            System.out.println("Invalid Password: " + validator.getMessages(result));            
        }
    }
}

输出

Password validated.

Passay - 自定义消息

Passay 库提供了一个 MessageResolver API 来覆盖验证程序使用的默认消息。它可以获取自定义属性文件的路径，并使用标准键来覆盖所需的消息。

示例

以下示例演示了密码的验证并使用 Passay 库显示自定义消息。

messages.properties

INSUFFICIENT_UPPERCASE=Password missing at least %1$s uppercase characters.

PassayExample.java

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.MessageResolver;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.PropertiesMessageResolver;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      List<Rule> rules = new ArrayList<>();
      rules.add(new LengthRule(8, 16));
      rules.add(new WhitespaceRule());
      rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));
      rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));
      rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));
      rules.add(new CharacterRule(EnglishCharacterData.Special, 1));

      Properties props = new Properties();
      props.load(new FileInputStream("E:/Test/messages.properties"));
      MessageResolver resolver = new PropertiesMessageResolver(props);

      PasswordValidator validator = new PasswordValidator(resolver, rules);
      PasswordData password = new PasswordData("microsoft@123");
      RuleResult result = validator.validate(password);
      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password missing at least 1 uppercase characters.]

Passay - M of N 规则

很多时候，密码策略强制执行对给定规则中的最小规则的合规性，例如密码必须符合至少 M 个 N 规则。请考虑以下策略。

密码长度应在 8 到 16 个字符之间。
密码不能包含任何空格。
密码应包含以下至少三个字符：大写字母、小写字母、数字或符号。

示例

以下示例演示了使用 Passay 库根据上述策略验证密码。

import java.io.FileNotFoundException;
import java.io.IOException;

import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      //Rule 1: Password length should be in between 
      //8 and 16 characters
      Rule rule1 = new LengthRule(8, 16);        
      //Rule 2: No whitespace allowed
      Rule rule2 = new WhitespaceRule();        
      CharacterCharacteristicsRule rule3 = new CharacterCharacteristicsRule();        
      //M - Mandatory characters count
      rule3.setNumberOfCharacteristics(3);        
      //Rule 3.a: One Upper-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
      //Rule 3.b: One Lower-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
      //Rule 3.c: One digit
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Digit, 1));        
      //Rule 3.d: One special character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Special, 1));

      PasswordValidator validator = new PasswordValidator(rule1, rule2, rule3);        
      PasswordData password = new PasswordData("microsoft@123");        
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Password validated.

Passay - 密码生成

PasswordGenerator 帮助使用给定策略生成密码。请考虑以下策略 -

密码长度应为 8 个字符。
密码应包含以下每个字符：大写字母、小写字母、数字和符号。

示例

以下示例演示了使用 Passay 库根据上述策略生成密码。

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.PasswordGenerator;

public class PassayExample {
   public static void main(String[] args) {
      CharacterRule alphabets = new CharacterRule(EnglishCharacterData.Alphabetical);
      CharacterRule digits = new CharacterRule(EnglishCharacterData.Digit);
      CharacterRule special = new CharacterRule(EnglishCharacterData.Special);

      PasswordGenerator passwordGenerator = new PasswordGenerator();
      String password = passwordGenerator.generatePassword(8, alphabets, digits, special);
      System.out.println(password);
   }
}

输出

?\DE~@c3

Passay - AllowedCharacterRule

AllowedCharacterRule 允许指定密码可以包含的字符。请考虑以下示例。

示例

以下示例演示了使用 Passay 库根据上述策略验证密码。

import org.passay.AllowedCharacterRule;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should contains only a, b and c       
      Rule rule1 = new AllowedCharacterRule(new char[] {'a', 'b', 'c'});
      //8 and 16 characters
      Rule rule2 = new LengthRule(8, 16);    

      PasswordValidator validator = new PasswordValidator(rule1, rule2);
      PasswordData password = new PasswordData("abcabcab1");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password contains the illegal character '1'.]

Passay - AllowedRegexRule

AllowedRegexRule 允许指定密码应满足的正则表达式模式。请考虑以下示例。

示例

以下示例演示了使用 Passay 库根据上述策略验证密码。

import org.passay.AllowedRegexRule;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should contains alphabets only
      Rule rule1 = new AllowedRegexRule("^[A-Za-z]+$");
      //8 and 16 characters
      Rule rule2 = new LengthRule(8, 16);    

      PasswordValidator validator = new PasswordValidator(rule1, rule2);
      PasswordData password = new PasswordData("microsoft@123");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password must match pattern '^[A-Za-z]+$'.]

Passay - CharacterRule

CharacterRule 帮助定义一组字符和密码中所需的最小字符数。

示例

以下示例演示了使用 Passay 库根据上述策略验证密码。

import java.util.ArrayList;
import java.util.List;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
    public static void main(String[] args) {
        
        List<Rule> rules = new ArrayList<>();        
        //Rule 1: Password length should be in between 
        //8 and 16 characters
        rules.add(new LengthRule(8, 16));        
        //Rule 2: No whitespace allowed
        rules.add(new WhitespaceRule());        
        //Rule 3.a: At least one Upper-case character
        rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
        //Rule 3.b: At least one Lower-case character
        rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
        //Rule 3.c: At least one digit
        rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));        
        //Rule 3.d: At least one special character
        rules.add(new CharacterRule(EnglishCharacterData.Special, 1));
        
        PasswordValidator validator = new PasswordValidator(rules);        
        PasswordData password = new PasswordData("Microsoft@123");        
        RuleResult result = validator.validate(password);
        
        if(result.isValid()){
            System.out.println("Password validated.");
        }else{
            System.out.println("Invalid Password: " + validator.getMessages(result));            
        }
    }
}

输出

Password validated.

Passay - LengthRule

LengthRule 帮助定义密码的最小和最大长度。

示例

以下示例演示了使用 Passay 库根据上述策略验证密码。

import java.util.ArrayList;
import java.util.List;

import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
    public static void main(String[] args) {
        
        List<Rule> rules = new ArrayList<>();        
        //Rule 1: Password length should be in between 
        //8 and 16 characters
        rules.add(new LengthRule(8, 16));        
        //Rule 2: No whitespace allowed
        rules.add(new WhitespaceRule());        
        //Rule 3.a: At least one Upper-case character
        rules.add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
        //Rule 3.b: At least one Lower-case character
        rules.add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
        //Rule 3.c: At least one digit
        rules.add(new CharacterRule(EnglishCharacterData.Digit, 1));        
        //Rule 3.d: At least one special character
        rules.add(new CharacterRule(EnglishCharacterData.Special, 1));
        
        PasswordValidator validator = new PasswordValidator(rules);        
        PasswordData password = new PasswordData("Microsoft@123");        
        RuleResult result = validator.validate(password);
        
        if(result.isValid()){
            System.out.println("Password validated.");
        }else{
            System.out.println("Invalid Password: " + validator.getMessages(result));            
        }
    }
}

输出

Password validated.

Passay - CharacterCharacteristicsRule

CharacterCharacteristicsRule 帮助定义密码是否满足给定的 N 个定义的规则。

示例

以下示例演示了使用 Passay 库根据上述策略验证密码。

import java.io.FileNotFoundException;
import java.io.IOException;

import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      //Rule 1: Password length should be in between 
      //8 and 16 characters
      Rule rule1 = new LengthRule(8, 16);        
      //Rule 2: No whitespace allowed
      Rule rule2 = new WhitespaceRule();        
      CharacterCharacteristicsRule rule3 = new CharacterCharacteristicsRule();        
      //M - Mandatory characters count
      rule3.setNumberOfCharacteristics(3);        
      //Rule 3.a: One Upper-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
      //Rule 3.b: One Lower-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
      //Rule 3.c: One digit
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Digit, 1));        
      //Rule 3.d: One special character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Special, 1));

      PasswordValidator validator = new PasswordValidator(rule1, rule2, rule3);        
      PasswordData password = new PasswordData("microsoft@123");        
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Password validated.

Passay - LengthComplexityRule

LengthComplexityRule 帮助根据密码的长度定义适用的规则。请考虑以下策略。

如果密码长度在 1 到 5 个字符之间，则只允许小写字母。
如果密码长度在 6 到 8 个字符之间，则只允许 a、b 和 c。

示例

以下示例演示了使用 Passay 库根据上述策略验证密码。

import org.passay.AllowedCharacterRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthComplexityRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      LengthComplexityRule lengthComplexityRule = new LengthComplexityRule();
      //Rule: Password of 1 to 5 characters should contains lower case alphabets only
      lengthComplexityRule.addRules("[1,5]", 
         new CharacterRule(EnglishCharacterData.LowerCase, 5));
      //8 and 16 characters
      lengthComplexityRule.addRules("[6,8]", 
         new AllowedCharacterRule(new char[] { 'a', 'b', 'c' }));    
      PasswordValidator validator = new PasswordValidator(lengthComplexityRule);
      PasswordData password = new PasswordData("abcdef");
      RuleResult result = validator.validate(password);
      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [
Password contains the illegal character 'd'., 
Password contains the illegal character 'e'., 
Password contains the illegal character 'f'., 
Password meets 0 complexity rules, but 1 are required.]

Passay - IllegalCharacterRule

IllegalCharacterRule 允许指定密码中不允许的字符。请考虑以下示例。

import org.passay.IllegalCharacterRule;
import org.passay.NumberRangeRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Special characters like &, <, > are not allowed in a password 
      IllegalCharacterRule illegalCharacterRule 
         = new IllegalCharacterRule(new char[] {'&', '<', '>'});

      //Rule: 1 to 5 numbers are not allowed
      NumberRangeRule numberRangeRule = new NumberRangeRule(1, 5);

      //Rule: White spaces are not allowed
      WhitespaceRule whitespaceRule = new WhitespaceRule();

      PasswordValidator validator 
         = new PasswordValidator(illegalCharacterRule,numberRangeRule,whitespaceRule);
      PasswordData password = new PasswordData("abc&4d  ef6");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [
Password contains the illegal character '&'.,
Password contains the number '4'.,
Password contains a whitespace character.]

Passay - NumberRangeRule

NumberRangeRule 允许指定密码中不允许的数字范围。请考虑以下示例。

import org.passay.IllegalCharacterRule;
import org.passay.NumberRangeRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Special characters like &, <, > are not allowed in a password 
      IllegalCharacterRule illegalCharacterRule 
         = new IllegalCharacterRule(new char[] {'&', '<', '>'});

      //Rule: 1 to 5 numbers are not allowed
      NumberRangeRule numberRangeRule = new NumberRangeRule(1, 5);

      //Rule: White spaces are not allowed
      WhitespaceRule whitespaceRule = new WhitespaceRule();

      PasswordValidator validator 
         = new PasswordValidator(illegalCharacterRule,numberRangeRule,whitespaceRule);
      PasswordData password = new PasswordData("abc&4d  ef6");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [
Password contains the illegal character '&'.,
Password contains the number '4'.,
Password contains a whitespace character.]

Passay - WhitespaceRule

WhitespaceRule 允许指定密码中不允许使用空格。请考虑以下示例。

示例

import org.passay.IllegalCharacterRule;
import org.passay.NumberRangeRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Special characters like &, <, > are not allowed in a password 
      IllegalCharacterRule illegalCharacterRule 
         = new IllegalCharacterRule(new char[] {'&', '<', '>'});

      //Rule: 1 to 5 numbers are not allowed
      NumberRangeRule numberRangeRule = new NumberRangeRule(1, 5);

      //Rule: White spaces are not allowed
      WhitespaceRule whitespaceRule = new WhitespaceRule();

      PasswordValidator validator 
         = new PasswordValidator(illegalCharacterRule,numberRangeRule,whitespaceRule);
      PasswordData password = new PasswordData("abc&4d  ef6");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [
Password contains the illegal character '&'.,
Password contains the number '4'.,
Password contains a whitespace character.]

Passay - DictionaryRule

DictionaryRule 允许检查某些单词是否未指定为密码。请考虑以下示例。

示例

import org.passay.DictionaryRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.dictionary.ArrayWordList;
import org.passay.dictionary.WordListDictionary;

public class PassayExample {
   public static void main(String[] args) {
      WordListDictionary wordListDictionary = new WordListDictionary(
         new ArrayWordList(new String[] { "password", "username" }));
      DictionaryRule dictionaryRule = new DictionaryRule(wordListDictionary);
      PasswordValidator validator 
         = new PasswordValidator(dictionaryRule);
      PasswordData password = new PasswordData("password");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password contains the dictionary word 'password'.]

Passay - DictionarySubstringRule

DictionarySubstringRule 允许检查某些单词是否不是密码的一部分。请考虑以下示例。

示例

import org.passay.DictionarySubstringRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.dictionary.ArrayWordList;
import org.passay.dictionary.WordListDictionary;

public class PassayExample {
   public static void main(String[] args) {
      WordListDictionary wordListDictionary = new WordListDictionary(
         new ArrayWordList(new String[] { "password", "username" }));
      DictionarySubstringRule dictionaryRule = new DictionarySubstringRule(wordListDictionary);
      PasswordValidator validator 
         = new PasswordValidator(dictionaryRule);
      PasswordData password = new PasswordData("password@123");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password contains the dictionary word 'password'.]

Passay - HistoryRule

HistoryRule 允许检查给定密码在最近一段时间内是否未使用过。请考虑以下示例。

示例

import org.passay.HistoryRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RuleResult;
import org.passay.SourceRule;

public class PassayExample {
   public static void main(String[] args) {
      SourceRule sourceRule = new SourceRule();
      HistoryRule historyRule = new HistoryRule();
      PasswordValidator validator 
         = new PasswordValidator(sourceRule, historyRule);
      PasswordData password = new PasswordData("password@123");
      password.setPasswordReferences(
         new PasswordData.SourceReference("source", "password"), 
         new PasswordData.HistoricalReference("password@123")
      );
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password matches one of 1 previous passwords.]

Passay - RepeatCharacterRegexRule

RepeatCharacterRegexRule 允许检查给定密码是否重复了 ASCII 字符。请考虑以下示例。

示例

import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.RepeatCharacterRegexRule;
import org.passay.Rule;
import org.passay.RuleResult;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should not contain repeated entries
      Rule rule1 = new RepeatCharacterRegexRule(3);
      //8 and 16 characters
      Rule rule2 = new LengthRule(8, 16);    

      PasswordValidator validator = new PasswordValidator(rule1, rule2);
      PasswordData password = new PasswordData("aaefhehhhhh");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password matches the illegal pattern 'hhh'.]

Passay - UsernameRule

UsernameRule 确保密码不包含用户名。请考虑以下示例。

示例

import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.UsernameRule;

public class PassayExample {
   public static void main(String[] args) {
      //Rule: Password should not contain user-name
      Rule rule = new UsernameRule();
      
      PasswordValidator validator = new PasswordValidator(rule);
      PasswordData password = new PasswordData("microsoft");
      password.setUsername("micro");
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      }else{
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

输出

Invalid Password: [Password contains the user id 'micro'.]

打印页面