Validation/Generation

Positive Matching Rules

Negative Matching Rules

Passay Useful Resources

Passay - M of N rules

Previous
Quiz
Next

Many times a password policy mandated compliance to minimum rules out of given rules such as a password must be compliant with at least M of N rules. Consider the following policy.

  • Length of password should be in between 8 to 16 characters.

  • A password should not contain any whitespace.

  • A password should contains at least three of the following: upper, lower, digit or symbol.

Syntax - Define a M of N Rule

// Define a M of N rule
CharacterCharacteristicsRule rule3 = new CharacterCharacteristicsRule();        

// Define M - Mandatory characters count
rule3.setNumberOfCharacteristics(3);

Example - Validating a Password meeting at least three rule.

The below example shows the validation of a password against above policy using Passay library.

PassayDemo.java

package com.tutorialspoint;

import java.io.FileNotFoundException;
import java.io.IOException;

import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayDemo {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      //Rule 1: Password length should be in between 
      //8 and 16 characters
      Rule rule1 = new LengthRule(8, 16);        
      //Rule 2: No whitespace allowed
      Rule rule2 = new WhitespaceRule();        
	  
	  // Define a M of N rule
      CharacterCharacteristicsRule rule3 = new CharacterCharacteristicsRule();        
      
	  // Define M - Mandatory characters count
      rule3.setNumberOfCharacteristics(3);        
      
	  // Define elements of N (upper, lower, digit, symbol)
	  //Rule 3.a: One Upper-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
      //Rule 3.b: One Lower-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
      //Rule 3.c: One digit
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Digit, 1));        
      //Rule 3.d: One special character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Special, 1));

      PasswordValidator validator = new PasswordValidator(rule1, rule2, rule3);        
      PasswordData password = new PasswordData("microsoft@123");        
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      } else {
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

Output

Compile and run the code to verify the result −

Password validated.

Example - Validating a Password not meeting at least three rule.

The below example shows the validation of a password against above policy using Passay library.

PassayDemo.java

package com.tutorialspoint;

import java.io.FileNotFoundException;
import java.io.IOException;

import org.passay.CharacterCharacteristicsRule;
import org.passay.CharacterRule;
import org.passay.EnglishCharacterData;
import org.passay.LengthRule;
import org.passay.PasswordData;
import org.passay.PasswordValidator;
import org.passay.Rule;
import org.passay.RuleResult;
import org.passay.WhitespaceRule;

public class PassayDemo {
   public static void main(String[] args) throws FileNotFoundException, IOException {
      //Rule 1: Password length should be in between 
      //8 and 16 characters
      Rule rule1 = new LengthRule(8, 16);        
      //Rule 2: No whitespace allowed
      Rule rule2 = new WhitespaceRule();        
	  
	  // Define a M of N rule
      CharacterCharacteristicsRule rule3 = new CharacterCharacteristicsRule();        
      
	  // Define M - Mandatory characters count
      rule3.setNumberOfCharacteristics(3);        
      
	  // Define elements of N (upper, lower, digit, symbol)
	  //Rule 3.a: One Upper-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.UpperCase, 1));        
      //Rule 3.b: One Lower-case character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.LowerCase, 1));        
      //Rule 3.c: One digit
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Digit, 1));        
      //Rule 3.d: One special character
      rule3.getRules().add(new CharacterRule(EnglishCharacterData.Special, 1));

      PasswordValidator validator = new PasswordValidator(rule1, rule2, rule3);        
      PasswordData password = new PasswordData("microsoft123");        
      RuleResult result = validator.validate(password);

      if(result.isValid()){
         System.out.println("Password validated.");
      } else {
         System.out.println("Invalid Password: " + validator.getMessages(result));            
      }
   }
}

Output

Compile and run the code to verify the result −

Invalid Password: [Password must contain 1 or more uppercase characters., Password must contain 1 or more special characters., Password matches 2 of 4 character rules, but 3 are required.]
Print Page
Previous
Next
Advertisements