use of com.zimbra.common.service.ServiceException.Argument in project zm-mailbox by Zimbra.
the class LdapProvisioning method checkPasswordStrength.
/**
* called to check password strength. Should pass in either an Account, or Cos/Attributes (during creation).
*
* @param password
* @param acct
* @param cos
* @param attrs
* @throws ServiceException
*/
private void checkPasswordStrength(String password, Account acct, Cos cos, ZMutableEntry entry) throws ServiceException {
int minLength = getInt(acct, cos, entry, Provisioning.A_zimbraPasswordMinLength, 0);
if (minLength > 0 && password.length() < minLength) {
throw AccountServiceException.INVALID_PASSWORD("too short", new Argument(Provisioning.A_zimbraPasswordMinLength, minLength, Argument.Type.NUM));
}
int maxLength = getInt(acct, cos, entry, Provisioning.A_zimbraPasswordMaxLength, 0);
if (maxLength > 0 && password.length() > maxLength) {
throw AccountServiceException.INVALID_PASSWORD("too long", new Argument(Provisioning.A_zimbraPasswordMaxLength, maxLength, Argument.Type.NUM));
}
int minUpperCase = getInt(acct, cos, entry, Provisioning.A_zimbraPasswordMinUpperCaseChars, 0);
int minLowerCase = getInt(acct, cos, entry, Provisioning.A_zimbraPasswordMinLowerCaseChars, 0);
int minNumeric = getInt(acct, cos, entry, Provisioning.A_zimbraPasswordMinNumericChars, 0);
int minPunctuation = getInt(acct, cos, entry, Provisioning.A_zimbraPasswordMinPunctuationChars, 0);
int minAlpha = getInt(acct, cos, entry, Provisioning.A_zimbraPasswordMinAlphaChars, 0);
int minNumOrPunc = getInt(acct, cos, entry, Provisioning.A_zimbraPasswordMinDigitsOrPuncs, 0);
String allowedChars = getString(acct, cos, entry, Provisioning.A_zimbraPasswordAllowedChars);
Pattern allowedCharsPattern = null;
if (allowedChars != null) {
try {
allowedCharsPattern = Pattern.compile(allowedChars);
} catch (PatternSyntaxException e) {
throw AccountServiceException.INVALID_PASSWORD(Provisioning.A_zimbraPasswordAllowedChars + " is not valid regex: " + e.getMessage());
}
}
String allowedPuncChars = getString(acct, cos, entry, Provisioning.A_zimbraPasswordAllowedPunctuationChars);
Pattern allowedPuncCharsPattern = null;
if (allowedPuncChars != null) {
try {
allowedPuncCharsPattern = Pattern.compile(allowedPuncChars);
} catch (PatternSyntaxException e) {
throw AccountServiceException.INVALID_PASSWORD(Provisioning.A_zimbraPasswordAllowedPunctuationChars + " is not valid regex: " + e.getMessage());
}
}
boolean hasPolicies = minUpperCase > 0 || minLowerCase > 0 || minNumeric > 0 || minPunctuation > 0 || minAlpha > 0 || minNumOrPunc > 0 || allowedCharsPattern != null || allowedPuncCharsPattern != null;
if (!hasPolicies) {
return;
}
int upper = 0;
int lower = 0;
int numeric = 0;
int punctuation = 0;
int alpha = 0;
for (int i = 0; i < password.length(); i++) {
char ch = password.charAt(i);
if (allowedCharsPattern != null) {
if (!allowedCharsPattern.matcher(Character.toString(ch)).matches()) {
throw AccountServiceException.INVALID_PASSWORD(ch + " is not an allowed character", new Argument(Provisioning.A_zimbraPasswordAllowedChars, allowedChars, Argument.Type.STR));
}
}
boolean isAlpha = true;
if (Character.isUpperCase(ch)) {
upper++;
} else if (Character.isLowerCase(ch)) {
lower++;
} else if (Character.isDigit(ch)) {
numeric++;
isAlpha = false;
} else if (allowedPuncCharsPattern != null) {
if (allowedPuncCharsPattern.matcher(Character.toString(ch)).matches()) {
punctuation++;
isAlpha = false;
}
} else if (isAsciiPunc(ch)) {
punctuation++;
isAlpha = false;
}
if (isAlpha) {
alpha++;
}
}
if (upper < minUpperCase) {
throw AccountServiceException.INVALID_PASSWORD("not enough upper case characters", new Argument(Provisioning.A_zimbraPasswordMinUpperCaseChars, minUpperCase, Argument.Type.NUM));
}
if (lower < minLowerCase) {
throw AccountServiceException.INVALID_PASSWORD("not enough lower case characters", new Argument(Provisioning.A_zimbraPasswordMinLowerCaseChars, minLowerCase, Argument.Type.NUM));
}
if (numeric < minNumeric) {
throw AccountServiceException.INVALID_PASSWORD("not enough numeric characters", new Argument(Provisioning.A_zimbraPasswordMinNumericChars, minNumeric, Argument.Type.NUM));
}
if (punctuation < minPunctuation) {
throw AccountServiceException.INVALID_PASSWORD("not enough punctuation characters", new Argument(Provisioning.A_zimbraPasswordMinPunctuationChars, minPunctuation, Argument.Type.NUM));
}
if (alpha < minAlpha) {
throw AccountServiceException.INVALID_PASSWORD("not enough alpha characters", new Argument(Provisioning.A_zimbraPasswordMinAlphaChars, minAlpha, Argument.Type.NUM));
}
if (numeric + punctuation < minNumOrPunc) {
throw AccountServiceException.INVALID_PASSWORD("not enough numeric or punctuation characters", new Argument(Provisioning.A_zimbraPasswordMinDigitsOrPuncs, minNumOrPunc, Argument.Type.NUM));
}
}
use of com.zimbra.common.service.ServiceException.Argument in project zm-mailbox by Zimbra.
the class ServiceExceptionTest method testArgumentEquals.
@Test
public void testArgumentEquals() {
Argument arg1a = new Argument("1", "one", Argument.Type.STR);
Argument arg1b = new Argument("1", "one", Argument.Type.STR);
Argument arg1c = new Argument("1", "two", Argument.Type.STR);
Argument arg2 = new Argument("2", "one", Argument.Type.STR);
Assert.assertFalse(arg1a.equals(null));
Assert.assertTrue(arg1a.equals(arg1b));
Assert.assertFalse(arg1a.equals(arg1c));
Assert.assertFalse(arg1a.equals(arg2));
}
Aggregations