Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
yujianwangzivayy
MaxKey
提交
ab0b5959
MaxKey
项目概览
yujianwangzivayy
/
MaxKey
与 Fork 源项目一致
Fork自
MaxKey单点登录官方(MaxKeyTop) / MaxKey
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
MaxKey
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
ab0b5959
编写于
8月 31, 2020
作者:
MaxKey单点登录官方
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
PasswordPolicy
上级
9946e1a2
变更
10
显示空白变更内容
内联
并排
Showing
10 changed file
with
172 addition
and
95 deletion
+172
-95
maxkey-core/src/main/java/org/maxkey/domain/PasswordPolicy.java
...-core/src/main/java/org/maxkey/domain/PasswordPolicy.java
+9
-0
maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
...va/org/maxkey/persistence/db/PasswordPolicyValidator.java
+37
-15
maxkey-core/src/main/resources/messages/passwordpolicy_message.properties
...main/resources/messages/passwordpolicy_message.properties
+32
-29
maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties
...n/resources/messages/passwordpolicy_message_en.properties
+4
-1
maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties
...esources/messages/passwordpolicy_message_zh_CN.properties
+32
-29
maxkey-core/src/test/java/org/maxkey/crypto/password/PasswordReciprocalTest.java
...va/org/maxkey/crypto/password/PasswordReciprocalTest.java
+1
-1
maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java
.../java/org/maxkey/persistence/service/UserInfoService.java
+3
-1
maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java
...c/main/java/org/maxkey/web/contorller/SafeController.java
+41
-18
maxkey-web-maxkey/src/main/resources/templates/views/passwordExpired.ftl
...ey/src/main/resources/templates/views/passwordExpired.ftl
+8
-1
maxkey-web-maxkey/src/main/resources/templates/views/passwordInitial.ftl
...ey/src/main/resources/templates/views/passwordInitial.ftl
+5
-0
未找到文件。
maxkey-core/src/main/java/org/maxkey/domain/PasswordPolicy.java
浏览文件 @
ab0b5959
...
...
@@ -121,6 +121,7 @@ public class PasswordPolicy extends JpaBaseDomain implements java.io.Serializabl
@Column
private
int
occurances
;
private
int
randomPasswordLength
;
/**
* @return the minLength
...
...
@@ -329,6 +330,14 @@ public class PasswordPolicy extends JpaBaseDomain implements java.io.Serializabl
this
.
occurances
=
occurances
;
}
public
int
getRandomPasswordLength
()
{
return
randomPasswordLength
;
}
public
void
setRandomPasswordLength
(
int
randomPasswordLength
)
{
this
.
randomPasswordLength
=
randomPasswordLength
;
}
public
void
check
(
String
username
,
String
newPassword
,
String
oldPassword
)
throws
PasswordPolicyException
{
if
((
1
==
this
.
getUsername
())
&&
newPassword
.
toLowerCase
().
contains
(
username
.
toLowerCase
()))
{
throw
new
PasswordPolicyException
(
ConstantsServiceMessage
.
PASSWORDPOLICY
.
XW00000001
);
...
...
maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
浏览文件 @
ab0b5959
...
...
@@ -25,6 +25,8 @@ import org.passay.CharacterOccurrencesRule;
import
org.passay.CharacterRule
;
import
org.passay.DictionaryRule
;
import
org.passay.EnglishCharacterData
;
import
org.passay.EnglishSequenceData
;
import
org.passay.IllegalSequenceRule
;
import
org.passay.LengthRule
;
import
org.passay.PasswordData
;
import
org.passay.PasswordValidator
;
...
...
@@ -92,6 +94,16 @@ public class PasswordPolicyValidator {
_logger
.
debug
(
"query PasswordPolicy : "
+
passwordPolicy
);
passwordPolicyStore
.
put
(
PASSWORD_POLICY_KEY
,
passwordPolicy
);
//init Password Policy
passwordPolicy
.
setRandomPasswordLength
(
Math
.
round
(
(
passwordPolicy
.
getMaxLength
()
+
passwordPolicy
.
getMinLength
()
)/
2
)
);
passwordPolicyRuleList
=
new
ArrayList
<
Rule
>();
passwordPolicyRuleList
.
add
(
new
WhitespaceRule
());
passwordPolicyRuleList
.
add
(
new
LengthRule
(
passwordPolicy
.
getMinLength
(),
passwordPolicy
.
getMaxLength
()));
...
...
@@ -120,12 +132,23 @@ public class PasswordPolicyValidator {
passwordPolicyRuleList
.
add
(
new
CharacterOccurrencesRule
(
passwordPolicy
.
getOccurances
()));
}
if
(
passwordPolicy
.
getAlphabetical
()>
0
)
{
passwordPolicyRuleList
.
add
(
new
IllegalSequenceRule
(
EnglishSequenceData
.
Alphabetical
,
4
,
false
));
}
if
(
passwordPolicy
.
getNumerical
()>
0
)
{
passwordPolicyRuleList
.
add
(
new
IllegalSequenceRule
(
EnglishSequenceData
.
Numerical
,
4
,
false
));
}
if
(
passwordPolicy
.
getQwerty
()>
0
)
{
passwordPolicyRuleList
.
add
(
new
IllegalSequenceRule
(
EnglishSequenceData
.
USQwerty
,
4
,
false
));
}
if
(
passwordPolicy
.
getDictionary
()>
0
)
{
try
{
ClassPathResource
dictFile
=
new
ClassPathResource
(
ConstantsProperties
.
classPathResource
(
topWeakPasswordPropertySource
));
Dictionary
dictionary
=
new
DictionaryBuilder
().
addReader
(
new
InputStreamReader
(
dictFile
.
getInputStream
())).
build
();
passwordPolicyRuleList
.
add
(
new
DictionaryRule
(
dictionary
));
}
catch
(
Exception
e
)
{
...
...
@@ -143,6 +166,7 @@ public class PasswordPolicyValidator {
*/
public
boolean
validator
(
UserInfo
userInfo
)
{
String
password
=
userInfo
.
getPassword
();
String
username
=
userInfo
.
getUsername
();
...
...
@@ -159,15 +183,18 @@ public class PasswordPolicyValidator {
RuleResult
result
=
validator
.
validate
(
new
PasswordData
(
username
,
password
));
if
(
result
.
isValid
())
{
System
.
out
.
println
(
"Password is valid"
);
_logger
.
debug
(
"Password is valid"
);
return
true
;
}
else
{
System
.
out
.
println
(
"Invalid password:"
);
_logger
.
debug
(
"Invalid password:"
);
String
passwordPolicyMessage
=
""
;
for
(
String
msg
:
validator
.
getMessages
(
result
))
{
System
.
out
.
println
(
msg
);
passwordPolicyMessage
=
passwordPolicyMessage
+
msg
+
"<br>"
;
_logger
.
debug
(
"Rule Message "
+
msg
);
}
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
class
.
getName
(),
passwordPolicyMessage
);
return
false
;
}
return
true
;
}
...
...
@@ -329,12 +356,7 @@ public class PasswordPolicyValidator {
public
String
generateRandomPassword
()
{
getPasswordPolicy
();
PasswordGen
passwordGen
=
new
PasswordGen
(
Math
.
round
(
(
passwordPolicy
.
getMaxLength
()
+
passwordPolicy
.
getMinLength
()
)/
2
)
passwordPolicy
.
getRandomPasswordLength
()
);
return
passwordGen
.
gen
(
...
...
maxkey-core/src/main/resources/messages/passwordpolicy_message.properties
浏览文件 @
ab0b5959
#password
PasswordPolicy.HISTORY_VIOLATION
=
\u
5BC6
\u7801\u5339\u
914D
\u
4E86 {0}
\u5386\u
53F2
\u
5BC6
\u7801
.
PasswordPolicy.ILLEGAL_WORD
=
\u
5BC6
\u7801\u5305\u
542B
\u5728\u
5BC6
\u7801\u
5B57
\u5178
'{0}'.
PasswordPolicy.ILLEGAL_WORD_REVERSED
=
\u
5BC6
\u7801\u5305\u
542B
\u5728\u
5BC6
\u7801\u
5B57
\u5178\u5012\u
5E8F'{0}'.
PasswordPolicy.ILLEGAL_DIGEST_WORD
=
\u
5BC6
\u7801\u5305\u
542B
\u5728\u
5B57
\u5178\u
4E2D.
PasswordPolicy.ILLEGAL_DIGEST_WORD_REVERSED
=
\u
5BC6
\u7801\u5305\u
542B
\u5728\u
5B57
\u5178\u5012\u
5E8F
\u
4E2D.
PasswordPolicy.ILLEGAL_MATCH
=
\u
5BC6
\u7801\u5339\u
914D
\u
975E
\u
6CD5
\u
89C4
\u5219
'{0}'.
PasswordPolicy.ALLOWED_MATCH
=
\u
5BC6
\u7801\u
5FC5
\u
987B
\u5339\u
914D
\u
89C4
\u5219
'{0}'.
PasswordPolicy.ILLEGAL_CHAR
=
\u
5BC6
\u7801
{1}
\u5305\u
542B
\u
975E
\u
6CD5
\u
5B57
\u
7B26 '{0}'.
PasswordPolicy.ALLOWED_CHAR
=
\u
5BC6
\u7801
{1}
\u
975E
\u
6CD5
\u
5B57
\u
7B26 '{0}'.
PasswordPolicy.ILLEGAL_QWERTY_SEQUENCE
=
\u
5BC6
\u7801\u5305\u
542B
\u
952E
\u
76D8
\u
5E8F
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_ALPHABETICAL_SEQUENCE
=
\u
5BC6
\u7801\u5305\u
542B
\u
5B57
\u
7B26
\u
5E8F
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_NUMERICAL_SEQUENCE
=
\u
5BC6
\u7801\u5305\u
542B
\u6570\u
5B57
\u
5E8F
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_USERNAME
=
\u
5BC6
\u7801\u
4E0D
\u
80FD
\u5305\u
542B
\u
767B
\u
5F55
\u
540D {0}.
PasswordPolicy.ILLEGAL_USERNAME_REVERSED
=
\u
5BC6
\u7801
{1}
\u5305\u
542B
\u
767B
\u
5F55
\u
540D {0}
\u5012\u
5E8F.
PasswordPolicy.ILLEGAL_WHITESPACE
=
\u
5BC6
\u7801
{1}
\u5305\u
542B
\u
7A7A
\u
683C.
PasswordPolicy.ILLEGAL_NUMBER_RANGE
=
\u
5BC6
\u7801
{1}
\u6570\u
5B57 '{0}'.
PasswordPolicy.ILLEGAL_REPEATED_CHARS
=
\u
5BC6
\u7801
{2}
\u
5E8F
\u5217
{0}
\u6216\u8005\u
591A
\u
4E2A
\u
5B57
\u
7B26,
\u
4F46 {1}
\u
8BB8:{3}
\u
6B21.
PasswordPolicy.INSUFFICIENT_UPPERCASE
=
\u
5BC6
\u7801\u
81F3
\u
5C11
\u5305\u
542B {0}
\u
4F4D
\u5927\u5199\u
5B57
\u
6BCD.
PasswordPolicy.INSUFFICIENT_LOWERCASE
=
\u
5BC6
\u7801\u
81F3
\u
5C11
\u5305\u
542B {0}
\u
4F4D
\u
5C0F
\u5199\u
5B57
\u
6BCD.
PasswordPolicy.INSUFFICIENT_ALPHABETICAL
=
\u
5BC6
\u7801\u
4FDD
\u
62A4
\u
5B57
\u
7B26
\u
5E8F
\u5217
{0}.
PasswordPolicy.INSUFFICIENT_DIGIT
=
\u
5BC6
\u7801\u
81F3
\u
5C11
\u5305\u
542B {0}
\u
4F4D
\u6570\u
5B57
\u
5B57
\u
6BCD.
PasswordPolicy.INSUFFICIENT_SPECIAL
=
\u
5BC6
\u7801\u
81F3
\u
5C11
\u5305\u
542B {0}
\u
4F4D
\u7279\u
6B8A
\u
5B57
\u
6BCD.
PasswordPolicy.INSUFFICIENT_CHARACTERISTICS
=
\u
5BC6
\u7801\u5339\u
914D {0} of {2}
\u
5B57
\u
7B26
\u
89C4
\u5219
,
\u
4F46 {1}
\u
5FC5
\u
987B.
PasswordPolicy.INSUFFICIENT_COMPLEXITY
=
\u
5BC6
\u7801\u9047\u5230
{1}
\u
590D
\u6742\u
89C4
\u5219
,
\u
4F46 {2}
\u
5FC5
\u
987B.
PasswordPolicy.INSUFFICIENT_COMPLEXITY_RULES
=
\u
6CA1
\u6709\u
914D
\u
7F6E
\u
5BC6
\u7801\u
957F
\u
5EA6
\u
89C4
\u5219
{0}.
PasswordPolicy.SOURCE_VIOLATION
=
\u
5BC6
\u7801\u
4E0D
\u
80FD
\u5305\u
542B {0}
\u
5BC6
\u7801
.
PasswordPolicy.TOO_LONG
=
\u
5BC6
\u7801\u
5FC5
\u
987B
\u
5C0F
\u
4E8E {1}
\u
4F4D
\u
5B57
\u
7B26.
PasswordPolicy.TOO_SHORT
=
\u
5BC6
\u7801\u
81F3
\u
5C11 {0}
\u
4F4D
\u
5B57
\u
7B26.
PasswordPolicy.TOO_MANY_OCCURRENCES
=
\u
5BC6
\u7801\u5305\u
542B {2}
\u
51FA
\u
73B0 '{0}',
\u6700\u
591A {3}
\u
6B21.
\ No newline at end of file
PasswordPolicy.HISTORY_VIOLATION
=
\u
5bc6
\u7801\u5339\u
914d
\u
4e86{0}
\u5386\u
53f2
\u
5bc6
\u7801
.
PasswordPolicy.ILLEGAL_WORD
=
\u
5bc6
\u7801\u5305\u
542b
\u5728\u
5bc6
\u7801\u
5b57
\u5178
'{0}'.
PasswordPolicy.ILLEGAL_WORD_REVERSED
=
\u
5bc6
\u7801\u5305\u
542b
\u5728\u
5bc6
\u7801\u
5b57
\u5178\u5012\u
5e8f'{0}'.
PasswordPolicy.ILLEGAL_DIGEST_WORD
=
\u
5bc6
\u7801\u5305\u
542b
\u5728\u
5b57
\u5178\u
4e2d.
PasswordPolicy.ILLEGAL_DIGEST_WORD_REVERSED
=
\u
5bc6
\u7801\u5305\u
542b
\u5728\u
5b57
\u5178\u5012\u
5e8f
\u
4e2d.
PasswordPolicy.ILLEGAL_MATCH
=
\u
5bc6
\u7801\u5339\u
914d
\u
975e
\u
6cd5
\u
89c4
\u5219
'{0}'.
PasswordPolicy.ALLOWED_MATCH
=
\u
5bc6
\u7801\u
5fc5
\u
987b
\u5339\u
914d
\u
89c4
\u5219
'{0}'.
PasswordPolicy.ILLEGAL_CHAR
=
\u
5bc6
\u7801
{1}
\u5305\u
542b
\u
975e
\u
6cd5
\u
5b57
\u
7b26'{0}'.
PasswordPolicy.ALLOWED_CHAR
=
\u
5bc6
\u7801
{1}
\u
975e
\u
6cd5
\u
5b57
\u
7b26'{0}'.
PasswordPolicy.ILLEGAL_QWERTY_SEQUENCE
=
\u
5bc6
\u7801\u5305\u
542b
\u
952e
\u
76d8
\u
5e8f
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_ALPHABETICAL_SEQUENCE
=
\u
5bc6
\u7801\u5305\u
542b
\u
5b57
\u
7b26
\u
5e8f
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_NUMERICAL_SEQUENCE
=
\u
5bc6
\u7801\u5305\u
542b
\u6570\u
5b57
\u
5e8f
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_USERNAME
=
\u
5bc6
\u7801\u
4e0d
\u
80fd
\u5305\u
542b
\u
767b
\u
5f55
\u
540d{0}.
PasswordPolicy.ILLEGAL_USERNAME_REVERSED
=
\u
5bc6
\u7801
{1}
\u5305\u
542b
\u
767b
\u
5f55
\u
540d{0}
\u5012\u
5e8f.
PasswordPolicy.ILLEGAL_WHITESPACE
=
\u
5bc6
\u7801
{1}
\u5305\u
542b
\u
7a7a
\u
683c.
PasswordPolicy.ILLEGAL_NUMBER_RANGE
=
\u
5bc6
\u7801
{1}
\u6570\u
5b57 '{0}'.
PasswordPolicy.ILLEGAL_REPEATED_CHARS
=
\u
5bc6
\u7801
{2}
\u
5e8f
\u5217
{0}
\u6216\u8005\u
591a
\u
4e2a
\u
5b57
\u
7b26,
\u
4f46{1}
\u5141\u
8bb8:{3}
\u
6b21.
PasswordPolicy.INSUFFICIENT_UPPERCASE
=
\u
5bc6
\u7801\u
81f3
\u
5c11
\u5305\u
542b{0}
\u
4f4d
\u5927\u5199\u
5b57
\u
6bcd.
PasswordPolicy.INSUFFICIENT_LOWERCASE
=
\u
5bc6
\u7801\u
81f3
\u
5c11
\u5305\u
542b{0}
\u
4f4d
\u
5c0f
\u5199\u
5b57
\u
6bcd.
PasswordPolicy.INSUFFICIENT_ALPHABETICAL
=
\u
5bc6
\u7801\u5305\u
542b
\u
5b57
\u
7b26
\u
5e8f
\u5217
{0}.
PasswordPolicy.INSUFFICIENT_DIGIT
=
\u
5bc6
\u7801\u
81f3
\u
5c11
\u5305\u
542b{0}
\u
4f4d
\u6570\u
5b57
\u
5b57
\u
6bcd.
PasswordPolicy.INSUFFICIENT_SPECIAL
=
\u
5bc6
\u7801\u
81f3
\u
5c11
\u5305\u
542b{0}
\u
4f4d
\u7279\u
6b8a
\u
5b57
\u
7b26.
PasswordPolicy.INSUFFICIENT_CHARACTERISTICS
=
\u
5bc6
\u7801\u5339\u
914d {0} of{2}
\u
5b57
\u
7b26
\u
89c4
\u5219
,
\u
4f46{1}
\u
5fc5
\u
987b.
PasswordPolicy.INSUFFICIENT_COMPLEXITY
=
\u
5bc6
\u7801\u9047\u5230
{1}
\u
590d
\u6742\u
89c4
\u5219
,
\u
4f46{2}
\u
5fc5
\u
987b.
PasswordPolicy.INSUFFICIENT_COMPLEXITY_RULES
=
\u
6ca1
\u6709\u
914d
\u
7f6e
\u
5bc6
\u7801\u
957f
\u
5ea6
\u
89c4
\u5219
{0}.
PasswordPolicy.SOURCE_VIOLATION
=
\u
5bc6
\u7801\u
4e0d
\u
80fd
\u5305\u
542b{0}
\u
5bc6
\u7801
.
PasswordPolicy.TOO_LONG
=
\u
5bc6
\u7801\u6700\u
591a{1}
\u
4f4d
\u
5b57
\u
7b26.
PasswordPolicy.TOO_SHORT
=
\u
5bc6
\u7801\u
81f3
\u
5c11{0}
\u
4f4d
\u
5b57
\u
7b26.
PasswordPolicy.TOO_MANY_OCCURRENCES
=
\u
5bc6
\u7801\u5305\u
542b{0}
\u
51fa
\u
73b0{1},
\u6700\u
591a{2}
\u
6b21.
PasswordPolicy.OLD_PASSWORD_NOT_MATCH
=
\u
539f
\u
5bc6
\u7801\u
4e0d
\u5339\u
914d.
PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH
=
\u
65b0
\u
5bc6
\u7801\u
4e0e
\u
786e
\u
8ba4
\u
5bc6
\u7801\u
4e0d
\u
4e00
\u
81f4.
PasswordPolicy.OLD_PASSWORD_MATCH
=
\u
65b0
\u
5bc6
\u7801\u
4e0d
\u
80fd
\u
4e0e
\u
65e7
\u
5bc6
\u7801\u
4e00
\u
81f4.
\ No newline at end of file
maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties
浏览文件 @
ab0b5959
...
...
@@ -28,3 +28,6 @@ PasswordPolicy.SOURCE_VIOLATION=Password cannot be the same as your {0} password
PasswordPolicy.TOO_LONG
=
Password must be no more than {1} characters in length.
PasswordPolicy.TOO_SHORT
=
Password must be {0} or more characters in length .
PasswordPolicy.TOO_MANY_OCCURRENCES
=
Password contains {1} occurrences of the character '{0}', but at most {2} are allowed.
PasswordPolicy.OLD_PASSWORD_NOT_MATCH
=
old password not match.
PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH
=
new password not match confirm password.
PasswordPolicy.OLD_PASSWORD_MATCH
=
new password match old password.
\ No newline at end of file
maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties
浏览文件 @
ab0b5959
#password
PasswordPolicy.HISTORY_VIOLATION
=
\u
5BC6
\u7801\u5339\u
914D
\u
4E86 {0}
\u5386\u
53F2
\u
5BC6
\u7801
.
PasswordPolicy.ILLEGAL_WORD
=
\u
5BC6
\u7801\u5305\u
542B
\u5728\u
5BC6
\u7801\u
5B57
\u5178
'{0}'.
PasswordPolicy.ILLEGAL_WORD_REVERSED
=
\u
5BC6
\u7801\u5305\u
542B
\u5728\u
5BC6
\u7801\u
5B57
\u5178\u5012\u
5E8F'{0}'.
PasswordPolicy.ILLEGAL_DIGEST_WORD
=
\u
5BC6
\u7801\u5305\u
542B
\u5728\u
5B57
\u5178\u
4E2D.
PasswordPolicy.ILLEGAL_DIGEST_WORD_REVERSED
=
\u
5BC6
\u7801\u5305\u
542B
\u5728\u
5B57
\u5178\u5012\u
5E8F
\u
4E2D.
PasswordPolicy.ILLEGAL_MATCH
=
\u
5BC6
\u7801\u5339\u
914D
\u
975E
\u
6CD5
\u
89C4
\u5219
'{0}'.
PasswordPolicy.ALLOWED_MATCH
=
\u
5BC6
\u7801\u
5FC5
\u
987B
\u5339\u
914D
\u
89C4
\u5219
'{0}'.
PasswordPolicy.ILLEGAL_CHAR
=
\u
5BC6
\u7801
{1}
\u5305\u
542B
\u
975E
\u
6CD5
\u
5B57
\u
7B26 '{0}'.
PasswordPolicy.ALLOWED_CHAR
=
\u
5BC6
\u7801
{1}
\u
975E
\u
6CD5
\u
5B57
\u
7B26 '{0}'.
PasswordPolicy.ILLEGAL_QWERTY_SEQUENCE
=
\u
5BC6
\u7801\u5305\u
542B
\u
952E
\u
76D8
\u
5E8F
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_ALPHABETICAL_SEQUENCE
=
\u
5BC6
\u7801\u5305\u
542B
\u
5B57
\u
7B26
\u
5E8F
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_NUMERICAL_SEQUENCE
=
\u
5BC6
\u7801\u5305\u
542B
\u6570\u
5B57
\u
5E8F
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_USERNAME
=
\u
5BC6
\u7801\u
4E0D
\u
80FD
\u5305\u
542B
\u
767B
\u
5F55
\u
540D {0}.
PasswordPolicy.ILLEGAL_USERNAME_REVERSED
=
\u
5BC6
\u7801
{1}
\u5305\u
542B
\u
767B
\u
5F55
\u
540D {0}
\u5012\u
5E8F.
PasswordPolicy.ILLEGAL_WHITESPACE
=
\u
5BC6
\u7801
{1}
\u5305\u
542B
\u
7A7A
\u
683C.
PasswordPolicy.ILLEGAL_NUMBER_RANGE
=
\u
5BC6
\u7801
{1}
\u6570\u
5B57 '{0}'.
PasswordPolicy.ILLEGAL_REPEATED_CHARS
=
\u
5BC6
\u7801
{2}
\u
5E8F
\u5217
{0}
\u6216\u8005\u
591A
\u
4E2A
\u
5B57
\u
7B26,
\u
4F46 {1}
\u
8BB8:{3}
\u
6B21.
PasswordPolicy.INSUFFICIENT_UPPERCASE
=
\u
5BC6
\u7801\u
81F3
\u
5C11
\u5305\u
542B {0}
\u
4F4D
\u5927\u5199\u
5B57
\u
6BCD.
PasswordPolicy.INSUFFICIENT_LOWERCASE
=
\u
5BC6
\u7801\u
81F3
\u
5C11
\u5305\u
542B {0}
\u
4F4D
\u
5C0F
\u5199\u
5B57
\u
6BCD.
PasswordPolicy.INSUFFICIENT_ALPHABETICAL
=
\u
5BC6
\u7801\u
4FDD
\u
62A4
\u
5B57
\u
7B26
\u
5E8F
\u5217
{0}.
PasswordPolicy.INSUFFICIENT_DIGIT
=
\u
5BC6
\u7801\u
81F3
\u
5C11
\u5305\u
542B {0}
\u
4F4D
\u6570\u
5B57
\u
5B57
\u
6BCD.
PasswordPolicy.INSUFFICIENT_SPECIAL
=
\u
5BC6
\u7801\u
81F3
\u
5C11
\u5305\u
542B {0}
\u
4F4D
\u7279\u
6B8A
\u
5B57
\u
6BCD.
PasswordPolicy.INSUFFICIENT_CHARACTERISTICS
=
\u
5BC6
\u7801\u5339\u
914D {0} of {2}
\u
5B57
\u
7B26
\u
89C4
\u5219
,
\u
4F46 {1}
\u
5FC5
\u
987B.
PasswordPolicy.INSUFFICIENT_COMPLEXITY
=
\u
5BC6
\u7801\u9047\u5230
{1}
\u
590D
\u6742\u
89C4
\u5219
,
\u
4F46 {2}
\u
5FC5
\u
987B.
PasswordPolicy.INSUFFICIENT_COMPLEXITY_RULES
=
\u
6CA1
\u6709\u
914D
\u
7F6E
\u
5BC6
\u7801\u
957F
\u
5EA6
\u
89C4
\u5219
{0}.
PasswordPolicy.SOURCE_VIOLATION
=
\u
5BC6
\u7801\u
4E0D
\u
80FD
\u5305\u
542B {0}
\u
5BC6
\u7801
.
PasswordPolicy.TOO_LONG
=
\u
5BC6
\u7801\u
5FC5
\u
987B
\u
5C0F
\u
4E8E {1}
\u
4F4D
\u
5B57
\u
7B26.
PasswordPolicy.TOO_SHORT
=
\u
5BC6
\u7801\u
81F3
\u
5C11 {0}
\u
4F4D
\u
5B57
\u
7B26.
PasswordPolicy.TOO_MANY_OCCURRENCES
=
\u
5BC6
\u7801\u5305\u
542B {2}
\u
51FA
\u
73B0 '{0}',
\u6700\u
591A {3}
\u
6B21.
\ No newline at end of file
PasswordPolicy.HISTORY_VIOLATION
=
\u
5bc6
\u7801\u5339\u
914d
\u
4e86{0}
\u5386\u
53f2
\u
5bc6
\u7801
.
PasswordPolicy.ILLEGAL_WORD
=
\u
5bc6
\u7801\u5305\u
542b
\u5728\u
5bc6
\u7801\u
5b57
\u5178
'{0}'.
PasswordPolicy.ILLEGAL_WORD_REVERSED
=
\u
5bc6
\u7801\u5305\u
542b
\u5728\u
5bc6
\u7801\u
5b57
\u5178\u5012\u
5e8f'{0}'.
PasswordPolicy.ILLEGAL_DIGEST_WORD
=
\u
5bc6
\u7801\u5305\u
542b
\u5728\u
5b57
\u5178\u
4e2d.
PasswordPolicy.ILLEGAL_DIGEST_WORD_REVERSED
=
\u
5bc6
\u7801\u5305\u
542b
\u5728\u
5b57
\u5178\u5012\u
5e8f
\u
4e2d.
PasswordPolicy.ILLEGAL_MATCH
=
\u
5bc6
\u7801\u5339\u
914d
\u
975e
\u
6cd5
\u
89c4
\u5219
'{0}'.
PasswordPolicy.ALLOWED_MATCH
=
\u
5bc6
\u7801\u
5fc5
\u
987b
\u5339\u
914d
\u
89c4
\u5219
'{0}'.
PasswordPolicy.ILLEGAL_CHAR
=
\u
5bc6
\u7801
{1}
\u5305\u
542b
\u
975e
\u
6cd5
\u
5b57
\u
7b26'{0}'.
PasswordPolicy.ALLOWED_CHAR
=
\u
5bc6
\u7801
{1}
\u
975e
\u
6cd5
\u
5b57
\u
7b26'{0}'.
PasswordPolicy.ILLEGAL_QWERTY_SEQUENCE
=
\u
5bc6
\u7801\u5305\u
542b
\u
952e
\u
76d8
\u
5e8f
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_ALPHABETICAL_SEQUENCE
=
\u
5bc6
\u7801\u5305\u
542b
\u
5b57
\u
7b26
\u
5e8f
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_NUMERICAL_SEQUENCE
=
\u
5bc6
\u7801\u5305\u
542b
\u6570\u
5b57
\u
5e8f
\u5217
'{0}'.
PasswordPolicy.ILLEGAL_USERNAME
=
\u
5bc6
\u7801\u
4e0d
\u
80fd
\u5305\u
542b
\u
767b
\u
5f55
\u
540d{0}.
PasswordPolicy.ILLEGAL_USERNAME_REVERSED
=
\u
5bc6
\u7801
{1}
\u5305\u
542b
\u
767b
\u
5f55
\u
540d{0}
\u5012\u
5e8f.
PasswordPolicy.ILLEGAL_WHITESPACE
=
\u
5bc6
\u7801
{1}
\u5305\u
542b
\u
7a7a
\u
683c.
PasswordPolicy.ILLEGAL_NUMBER_RANGE
=
\u
5bc6
\u7801
{1}
\u6570\u
5b57 '{0}'.
PasswordPolicy.ILLEGAL_REPEATED_CHARS
=
\u
5bc6
\u7801
{2}
\u
5e8f
\u5217
{0}
\u6216\u8005\u
591a
\u
4e2a
\u
5b57
\u
7b26,
\u
4f46{1}
\u5141\u
8bb8:{3}
\u
6b21.
PasswordPolicy.INSUFFICIENT_UPPERCASE
=
\u
5bc6
\u7801\u
81f3
\u
5c11
\u5305\u
542b{0}
\u
4f4d
\u5927\u5199\u
5b57
\u
6bcd.
PasswordPolicy.INSUFFICIENT_LOWERCASE
=
\u
5bc6
\u7801\u
81f3
\u
5c11
\u5305\u
542b{0}
\u
4f4d
\u
5c0f
\u5199\u
5b57
\u
6bcd.
PasswordPolicy.INSUFFICIENT_ALPHABETICAL
=
\u
5bc6
\u7801\u5305\u
542b
\u
5b57
\u
7b26
\u
5e8f
\u5217
{0}.
PasswordPolicy.INSUFFICIENT_DIGIT
=
\u
5bc6
\u7801\u
81f3
\u
5c11
\u5305\u
542b{0}
\u
4f4d
\u6570\u
5b57
\u
5b57
\u
6bcd.
PasswordPolicy.INSUFFICIENT_SPECIAL
=
\u
5bc6
\u7801\u
81f3
\u
5c11
\u5305\u
542b{0}
\u
4f4d
\u7279\u
6b8a
\u
5b57
\u
7b26.
PasswordPolicy.INSUFFICIENT_CHARACTERISTICS
=
\u
5bc6
\u7801\u5339\u
914d {0} of{2}
\u
5b57
\u
7b26
\u
89c4
\u5219
,
\u
4f46{1}
\u
5fc5
\u
987b.
PasswordPolicy.INSUFFICIENT_COMPLEXITY
=
\u
5bc6
\u7801\u9047\u5230
{1}
\u
590d
\u6742\u
89c4
\u5219
,
\u
4f46{2}
\u
5fc5
\u
987b.
PasswordPolicy.INSUFFICIENT_COMPLEXITY_RULES
=
\u
6ca1
\u6709\u
914d
\u
7f6e
\u
5bc6
\u7801\u
957f
\u
5ea6
\u
89c4
\u5219
{0}.
PasswordPolicy.SOURCE_VIOLATION
=
\u
5bc6
\u7801\u
4e0d
\u
80fd
\u5305\u
542b{0}
\u
5bc6
\u7801
.
PasswordPolicy.TOO_LONG
=
\u
5bc6
\u7801\u6700\u
591a{1}
\u
4f4d
\u
5b57
\u
7b26.
PasswordPolicy.TOO_SHORT
=
\u
5bc6
\u7801\u
81f3
\u
5c11{0}
\u
4f4d
\u
5b57
\u
7b26.
PasswordPolicy.TOO_MANY_OCCURRENCES
=
\u
5bc6
\u7801\u5305\u
542b{0}
\u
51fa
\u
73b0{1},
\u6700\u
591a{2}
\u
6b21.
PasswordPolicy.OLD_PASSWORD_NOT_MATCH
=
\u
539f
\u
5bc6
\u7801\u
4e0d
\u5339\u
914d.
PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH
=
\u
65b0
\u
5bc6
\u7801\u
4e0e
\u
786e
\u
8ba4
\u
5bc6
\u7801\u
4e0d
\u
4e00
\u
81f4.
PasswordPolicy.OLD_PASSWORD_MATCH
=
\u
65b0
\u
5bc6
\u7801\u
4e0d
\u
80fd
\u
4e0e
\u
65e7
\u
5bc6
\u7801\u
4e00
\u
81f4.
\ No newline at end of file
maxkey-core/src/test/java/org/maxkey/crypto/password/PasswordReciprocalTest.java
浏览文件 @
ab0b5959
...
...
@@ -32,7 +32,7 @@ public class PasswordReciprocalTest {
String
epass
=
spe
.
encode
(
pass
);
System
.
out
.
println
(
"PasswordEncoder "
+
epass
);
System
.
out
.
println
(
PasswordReciprocal
.
getInstance
().
decoder
(
"
bb2002b9f55b05d3e0e6f34ec5321051
"
));
System
.
out
.
println
(
PasswordReciprocal
.
getInstance
().
decoder
(
"
f1ee1e9b912f05333a06925c99daf9c0
"
));
}
}
maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java
浏览文件 @
ab0b5959
...
...
@@ -183,7 +183,9 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
public
boolean
changePassword
(
UserInfo
userInfo
)
{
try
{
passwordPolicyValidator
.
validator
(
userInfo
);
if
(
passwordPolicyValidator
.
validator
(
userInfo
)
==
false
)
{
return
false
;
}
if
(
WebContext
.
getUserInfo
()
!=
null
)
{
userInfo
.
setModifiedBy
(
WebContext
.
getUserInfo
().
getId
());
...
...
maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java
浏览文件 @
ab0b5959
...
...
@@ -26,6 +26,7 @@ import org.maxkey.constants.ConstantsTimeInterval;
import
org.maxkey.crypto.ReciprocalUtils
;
import
org.maxkey.crypto.password.PasswordReciprocal
;
import
org.maxkey.domain.UserInfo
;
import
org.maxkey.persistence.db.PasswordPolicyValidator
;
import
org.maxkey.persistence.service.UserInfoService
;
import
org.maxkey.util.StringUtils
;
import
org.maxkey.web.WebConstants
;
...
...
@@ -72,7 +73,10 @@ public class SafeController {
if
(
changeUserPassword
(
oldPassword
,
newPassword
,
confirmPassword
))
{
return
new
Message
(
WebContext
.
getI18nValue
(
ConstantsOperateMessage
.
UPDATE_SUCCESS
),
MessageType
.
success
);
}
else
{
return
new
Message
(
WebContext
.
getI18nValue
(
ConstantsOperateMessage
.
UPDATE_ERROR
),
MessageType
.
error
);
return
new
Message
(
WebContext
.
getI18nValue
(
ConstantsOperateMessage
.
UPDATE_ERROR
)+
"<br>"
+
WebContext
.
getAttribute
(
PasswordPolicyValidator
.
class
.
getName
()),
MessageType
.
error
);
}
}
...
...
@@ -83,17 +87,16 @@ public class SafeController {
@RequestParam
(
value
=
"confirmPassword"
,
required
=
false
)
String
confirmPassword
)
{
ModelAndView
modelAndView
=
new
ModelAndView
(
"passwordExpired"
);
if
(
newPassword
==
null
||
newPassword
.
equals
(
""
))
{
UserInfo
userInfo
=
WebContext
.
getUserInfo
();
modelAndView
.
addObject
(
"model"
,
userInfo
);
return
modelAndView
;
}
else
if
(
changeUserPassword
(
oldPassword
,
newPassword
,
confirmPassword
)){
WebContext
.
getSession
().
setAttribute
(
WebConstants
.
CURRENT_LOGIN_USER_PASSWORD_SET_TYPE
,
ConstantsPasswordSetType
.
PASSWORD_NORMAL
);
return
WebContext
.
redirect
(
"/index"
);
//modelAndView.setViewName("index");
}
new
Message
(
WebContext
.
getI18nValue
(
ConstantsOperateMessage
.
UPDATE_ERROR
),
MessageType
.
error
);
Object
errorMessage
=
WebContext
.
getAttribute
(
PasswordPolicyValidator
.
class
.
getName
());
UserInfo
userInfo
=
WebContext
.
getUserInfo
();
modelAndView
.
addObject
(
"model"
,
userInfo
);
modelAndView
.
addObject
(
"errorMessage"
,
errorMessage
==
null
?
""
:
errorMessage
);
return
modelAndView
;
}
...
...
@@ -105,33 +108,53 @@ public class SafeController {
@RequestParam
(
value
=
"confirmPassword"
,
required
=
false
)
String
confirmPassword
)
{
ModelAndView
modelAndView
=
new
ModelAndView
(
"passwordInitial"
);
if
(
newPassword
==
null
||
newPassword
.
equals
(
""
))
{
UserInfo
userInfo
=
WebContext
.
getUserInfo
();
modelAndView
.
addObject
(
"model"
,
userInfo
);
return
modelAndView
;
}
else
if
(
changeUserPassword
(
oldPassword
,
newPassword
,
confirmPassword
)){
WebContext
.
getSession
().
setAttribute
(
WebConstants
.
CURRENT_LOGIN_USER_PASSWORD_SET_TYPE
,
ConstantsPasswordSetType
.
PASSWORD_NORMAL
);
return
WebContext
.
redirect
(
"/index"
);
//modelAndView.setViewName("index");
}
new
Message
(
WebContext
.
getI18nValue
(
ConstantsOperateMessage
.
UPDATE_ERROR
),
MessageType
.
error
);
Object
errorMessage
=
WebContext
.
getAttribute
(
PasswordPolicyValidator
.
class
.
getName
());
modelAndView
.
addObject
(
"errorMessage"
,
errorMessage
==
null
?
""
:
errorMessage
);
UserInfo
userInfo
=
WebContext
.
getUserInfo
();
modelAndView
.
addObject
(
"model"
,
userInfo
);
return
modelAndView
;
}
public
boolean
changeUserPassword
(
String
oldPassword
,
String
newPassword
,
String
confirmPassword
){
UserInfo
userInfo
=
WebContext
.
getUserInfo
();
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
class
.
getName
(),
""
);
UserInfo
userInfo
=
WebContext
.
getUserInfo
();
UserInfo
changeUserInfo
=
new
UserInfo
();
changeUserInfo
.
setUsername
(
userInfo
.
getUsername
());
changeUserInfo
.
setPassword
(
newPassword
);
changeUserInfo
.
setId
(
userInfo
.
getId
());
changeUserInfo
.
setDecipherable
(
userInfo
.
getDecipherable
());
_logger
.
debug
(
"decipherable old : "
+
userInfo
.
getDecipherable
());
_logger
.
debug
(
"decipherable new : "
+
ReciprocalUtils
.
encode
(
PasswordReciprocal
.
getInstance
().
rawPassword
(
userInfo
.
getUsername
(),
newPassword
)));
if
(
newPassword
.
equals
(
confirmPassword
)){
if
(
oldPassword
==
null
||
passwordEncoder
.
matches
(
oldPassword
,
userInfo
.
getPassword
())){
userInfo
.
setPassword
(
newPassword
);
userInfoService
.
changePassword
(
userInfo
);
//TODO syncProvisioningService.changePassword(userInfo
);
if
(
userInfoService
.
changePassword
(
changeUserInfo
))
{
userInfo
.
setPassword
(
changeUserInfo
.
getPassword
()
);
userInfo
.
setDecipherable
(
changeUserInfo
.
getDecipherable
()
);
return
true
;
}
}
else
{
if
(
oldPassword
!=
null
&&
passwordEncoder
.
matches
(
newPassword
,
userInfo
.
getPassword
()))
{
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
class
.
getName
(),
WebContext
.
getI18nValue
(
"PasswordPolicy.OLD_PASSWORD_MATCH"
));
}
else
{
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
class
.
getName
(),
WebContext
.
getI18nValue
(
"PasswordPolicy.OLD_PASSWORD_NOT_MATCH"
));
}
}
}
else
{
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
class
.
getName
(),
WebContext
.
getI18nValue
(
"PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH"
));
}
return
false
;
...
...
maxkey-web-maxkey/src/main/resources/templates/views/passwordExpired.ftl
浏览文件 @
ab0b5959
...
...
@@ -21,7 +21,14 @@
<table
class=
"table table-bordered"
>
<tbody>
<tr>
<th
colspan=
"2"
><
@
locale
code=
"login.password.expired.tip"
/></th>
<th
colspan=
"2"
>
<
@
locale
code=
"login.password.expired.tip"
/>
</th>
</tr>
<tr
<
#if
''==
errorMessage
>
style="display:none;"
</
#
if>
>
<th
colspan=
"2"
style=
"color:red;"
>
${errorMessage!}
</th>
</tr>
<tr>
<th><
@
locale
code=
"userinfo.displayName"
/>
:
</th>
...
...
maxkey-web-maxkey/src/main/resources/templates/views/passwordInitial.ftl
浏览文件 @
ab0b5959
...
...
@@ -23,6 +23,11 @@
<tr>
<th
colspan=
"2"
><
@
locale
code=
"login.password.initial.change.tip"
/></th>
</tr>
<tr
<
#if
''==
errorMessage
>
style="display:none;"
</
#
if>
>
<th
colspan=
"2"
style=
"color:red;"
>
${errorMessage!}
</th>
</tr>
<tr>
<th><
@
locale
code=
"userinfo.displayName"
/>
:
</th>
<td>
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录