If we wanted to let the user create a password
- According to our condition/ruleset.
- Also enabling the user to have a strong password.
We can use a regex pattern to do this; in a web controller class action method or in user's view model and using @Pattern model validation attribute for this password field.
We have validated username requirement in previous post.
Username Validator
- Let's assume our solution requires its user passwords to have the following password requirements.
| Type | Constraints |
|---|---|
| Length of password | More than 10 characters |
| Containing a digit | At least one digit |
| A uppercase letter | At least one Uppercase letter |
| A lowercase letter | At least one lowercase letter |
| A special character | At least one $pecial character |
Our regex pattern is as below.
String regex =
"^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&-+=()]).{10,}$";
- The classes that used in this regex pattern are explained below.
^
This denotes the first character of the string.
[0-9]
[a-z]
[A-Z]
To match a digit, match a lowercase letter and a uppercase letter respectively.
[@#$%^&-+=()]
The set of special characters we let the user to have in their password.
Notice that exclamation mark and question mark are excluded.
Therefore, user is not allowed to use those.
So include all allowed special characters inside square brackets.
.
Denotes characters except line breaks (\n or \r)
*
Denotes one or more characters
(?=.*[0-9])
This group contains the number match. In whole password input at least one character should be a digit.
?= is called a 'Positive Lookahead'.
A positive lookahead is a rule to denote the place in which the inside expression comes.
In our problem, the place requirement is negligible.
So in this case inside expression is ".*[0-9]" So it checks the whole input and checks if digits exist.
This applied to lowercase, uppercase, special character groups also.
.{10,}
The length constraint which is that user password should contain 10 or more characters.
$
This denotes the end of the pattern.
The following Java program demonstrates our problem and solution.
import java.util.regex.*;
class Main {
public static void main(String[] args) {
String regex =
"^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&-+=()]).{10,}$";
Pattern p = Pattern.compile(regex);
String input = "0aA@123456";
Matcher m = p.matcher(input);
String isValidPassword = m.matches()
? "Valid Password" : "Invalid Password";
System.out.println(isValidPassword);
}
}
Latest comments (1)
Cool! Still trying to learn regEx. I do not need it much, but always end up thinking I should learn more about this great tool whenever I really need it!