Announcement Announcement Module
Collapse
No announcement yet.
Can I configure the password format in the Spring Security Plugin? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Can I configure the password format in the Spring Security Plugin?

    I am new to the Spring Security plugin - is there a way to do this?

    i.e., require the password to be alphanumeric, or a phrase, via a regex or something?

    Thanks!

    --Bill

  • #2
    You would do this with a constraint in your user/person class on the password field. See http://grails.org/doc/latest/guide/s...%20Constraints

    If your requirements are more complex than the standard constraint options then you can easily create a custom validator and define multiple rules there: http://grails.org/doc/latest/ref/Con...validator.html

    For example here's a custom validator that requires that the password not be equal to the username, have between 8 and 64 characters, have at least one letter, at least one number, and at least one special character (one of !@#$%^&):

    Code:
    static constraints = {
       password validator: { String password, user ->
          if (user.username && user.username.equals(password)) {
             return 'user.password.error.username'
          }
    
          if (password && password.length() >= 8 && password.length() <= 64 &&
                (!password.matches('^.*\\p{Alpha}.*$') ||
                !password.matches('^.*\\p{Digit}.*$') ||
                !password.matches('^.*[!@#$%^&].*$'))) {
             return 'user.password.error.username'
          }
       }
    }
    This assumes your user/person class name is User - if it's not then change the 'user.' prefix in the returned error codes. You'd also need to specify values for 'user.password.error.username' and 'user.password.error.username' in grails-app/i18n/messages.properties

    Comment


    • #3
      Much appreciated Burt!

      I totally missed that in the RegisterController code.

      --Bill

      Comment

      Working...
      X