Validating passwords in javascript is a *very* bad idea. A hacker then has
access to all your password rules and makes it easier to start guessing
passwords. This is the reason validator doesn't provide a password
validation.
David
From: Raible, Matt [EMAIL PROTECTED]
Reply-To: Struts
: Password rules with the Validator?
Validating passwords in javascript is a *very* bad idea. A
hacker then has
access to all your password rules and makes it easier to
start guessing
passwords. This is the reason validator doesn't provide a password
validation.
David
From: Raible
I've done it before by extending the validator.
validation.xml
form name=form
field property=password depends=password
arg0 key=password/
/field
/form
validator-rules.xml
validator
name=password
classname=ExtendedStrutsValidator
[EMAIL PROTECTED]
To: 'Struts Users Mailing List' [EMAIL PROTECTED]
Subject: RE: Password rules with the Validator?
Date: Fri, 4 Apr 2003 16:06:46 -0700
I agree with the security risk, but since passwords will only be able to be
set by Administrators (after they've logged in) security is not much
4 matches
Mail list logo