Hi Dimuthu,
On Sat, Feb 4, 2012 at 2:40 PM, Dimuthu Leelarathne <[email protected]>wrote:
>
> Hi Nirmal,
>
> By design the password length of Carbon platform is configurable. Please
> have a look at user-mgt.xml
>
> <Property name="PasswordJavaScriptRegEx">[\\S]{5,30}</Property>
>
> Since Java and JS use slightly different ways for expressing regular
> expressions there should be another attribute in user-mgt.xml as follows.
> This already there for others - username length and etc..
>
> <Property name="PasswordJavaRegEx">xyz</Property>
>
> We should use this information EVERYWHERE to do password validation. This
> includes ALL JS validation in the front end as well.
>
+1, will examine on those properties, thanks for pointing them out.
Currently, I see it's a total mess. In many places people have implemented
their own password validation methods, see [1] for another example.
[1]
function validatePassword(fld) {
var error = "";
var illegalChars = /[\W_]/; // allow only letters and numbers
if (fld.value == "") {
error = org_wso2_carbon_registry_common_ui_jsi18n["no.password"] +
"<br />";
} else if ((fld.value.length < 3) || (fld.value.length > 15)) {
error = org_wso2_carbon_registry_common_ui_jsi18n["wrong.password"]
+ "<br />";
} else if (illegalChars.test(fld.value)) {
error =
org_wso2_carbon_registry_common_ui_jsi18n["illegal.password"] + "<br />";
} /*else if (!((fld.value.search(/(a-z)+/)) &&
(fld.value.search(/(0-9)+/)))) {
error = "The password must contain at least one numeral.<br />";
} */else {
fld.style.background = 'White';
}
return error;
}
> thanks,
> dimuthul
>
>
> On Sat, Feb 4, 2012 at 2:01 PM, Afkham Azeez <[email protected]> wrote:
>
>> No, that's not the correct bundle. May be a method in CarbonUtil would do
>>
>> --
>> Afkham Azeez
>> Sent from my phone
>> On Feb 4, 2012 11:49 AM, "Nirmal Fernando" <[email protected]> wrote:
>>
>>> Hi,
>>>
>>> On Mon, Jan 30, 2012 at 9:24 AM, Afkham Azeez <[email protected]> wrote:
>>>
>>>> Please fix this to do the password requirements validation from a
>>>> single place. The length should be the same in all cases.
>>>>
>>> Will it be right to do the password validation at
>>> "org.wso2.carbon.registry.common.ui" (inside registry component)? or Is
>>> there a more suitable place?
>>>
>>> --
>>>> Afkham Azeez
>>>> Sent from my phone
>>>> On Jan 28, 2012 10:27 AM, "Nirmal Fernando" <[email protected]> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> When you create a new domain in Stratos minimum password length
>>>>> requirement is 6, but after logged in when you adding a new user minimum
>>>>> password length requirement is 5 (which can only be seen in the error
>>>>> message pop up, when u enter a <5 character password).
>>>>>
>>>>> Is this a design decision? If we have this inconsistency isn't it
>>>>> better to add a tip mentioning minimum password length requirement when
>>>>> you
>>>>> create a new user.
>>>>>
>>>>> PS: this is related to issue at
>>>>> https://wso2.org/jira/browse/CARBON-12290
>>>>>
>>>>> Thanks
>>>>>
>>>>> --
>>>>>
>>>>> regards,
>>>>> Nirmal
>>>>>
>>>>> Software Engineer, WSO2 Inc.
>>>>> mobile: +94715779733
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Carbon-dev mailing list
>>>>> [email protected]
>>>>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
>>>>>
>>>>>
>>>> _______________________________________________
>>>> Carbon-dev mailing list
>>>> [email protected]
>>>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
>>>>
>>>>
>>>
>>>
>>> --
>>>
>>> Thanks & regards,
>>> Nirmal
>>>
>>> Software Engineer- Platform, WSO2 Inc.
>>> Mobile: +94715779733
>>> Blog: http://nirmalfdo.blogspot.com/
>>>
>>
>> _______________________________________________
>> Carbon-dev mailing list
>> [email protected]
>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
>>
>>
>
>
> --
> Dimuthu Leelarathne
> Technical Lead
>
> WSO2, Inc. (http://wso2.com)
> email: [email protected]
>
>
> Lean . Enterprise . Middleware
>
>
--
Thanks & regards,
Nirmal
Software Engineer- Platform, WSO2 Inc.
Mobile: +94715779733
Blog: http://nirmalfdo.blogspot.com/
_______________________________________________
Carbon-dev mailing list
[email protected]
http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
