Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-18751

Validate password with userPasswordPattern regex

    XMLWordPrintable

    Details

    • Tags:
    • Backlog priority:
      500
    • Sprint:
      nxDM 8.4.1
    • Story Points:
      3

      Description

      UserManager has provision to set a regex for password validation. This Regex should be checked when updating or creating a user.

      Configure UserManager

      		<?xml version="1.0"?>
      		<component name="org.nuxeo.ecm.platform.usermanager.test.override">
      
      		  <require>org.nuxeo.ecm.platform.usermanager.UserManagerImpl</require>
      
      		  <extension target="org.nuxeo.ecm.platform.usermanager.UserService"
      		    point="userManager">
      		    <userManager>
      		      <!-- The password is valid if :
      			        - it has only word characters : [a-zA-Z0-9_]
      			        - it's at least 8 long
      			        - it has at least one digit
      			        - it has at least two lowercase letter
      			        - it has at least one uppercase letter -->
      		      <userPasswordPattern>
      		        ^\w*(?=.{8,})(?=.*\d)(?=(.*[a-z]){2,})(?=.*[A-Z])\w*$
      		      </userPasswordPattern>
      
      		    </userManager>
      		  </extension>
      
      		</component>
      

      Activate on maintenance versions

      Before 8.4, the check is not activated by default. Depdending on your version you can activate the check like this :

      7.10

      Create a contribution like this

      	<?xml version="1.0"?>
      
      	<component name="org.nuxeo.ecm.platform.usermanager.properties.override">
      
      	  <extension target="org.nuxeo.runtime.ConfigurationService" point="configuration">
      	    <documentation>
      	      Controls whether we check the validity of password when changing it.
      
      	      @since 8.4
      	    </documentation>
      	    <property name="nuxeo.usermanager.check.password">true</property>
      	  </extension>
      
      	</component>
      

      6.0

      Add this property to your nuxeo.conf

      nuxeo.usermanager.check.password=true
      

        Attachments

          Activity

            People

            • Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 day
                1d

                  PagerDuty

                  Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.