com.waveset.policy
Class StringQualityPolicy

java.lang.Object
  extended bycom.waveset.policy.PolicyImplementation
      extended bycom.waveset.policy.StringQualityPolicy

public class StringQualityPolicy
extends PolicyImplementation


Field Summary
static java.lang.String[] ALLOWED_ALL_CHAR_TYPES
           
static java.lang.String[] ALPHA_CHAR_TYPES
           
static java.lang.String[] CHAR_TYPE_RULES
           
static java.lang.String CHECK_DICTIONARY
           
static java.lang.String code_id
           
static java.lang.String DESC
          The description to use in the prototype instance.
static java.lang.String DISALLOW_DUPLICATE_ANSWERS
          A policy attribute that determines whether answers to Authentication Questions can be duplicated within a login interface.
static java.lang.String DISALLOW_QUESTION_WORDS_IN_ANSWERS
          A policy attribute that determines whether answers may contain words from the corresponding question.
static java.lang.String DN_FORMAT
          Flag to indicate that the account Id must conform to the LDAP DN format
static java.lang.String DONT_MATCH_REGEXP
          Attributes for unimplemented policy restrictions
static java.lang.String[][] INCOMPATIBLE_CHAR_TYPE_RULES
           
static java.lang.String[] INCOMPATIBLE_NUMERIC_RULES
           
static java.lang.String[] INCOMPATIBLE_START_RULES
           
static java.lang.String KEY_OTHER_ANSWERS
          Key into map for list of other answers, used when checking (DISALLOW_DUPLICATE_ANSWERS)
static java.lang.String KEY_QUESTION_WORDS
          Key into map for list of question words, used when checking (DISALLOW_QUESTION_WRODS_IN_ANSWERS)
static java.lang.String[] LENGTH_RULES
           
static java.lang.String MAX_ALPHA
          Must not contain more than N alpha characters.
static java.lang.String MAX_EMBEDDED_SPACES
          A policy attribute that specifies the maximum number of spaces that can be embedded in the string (no string can have leading or trailing spaces)
static java.lang.String MAX_LEN
          A policy attribute that specifies the maximum length of the string.
static java.lang.String MAX_LOWER
          Must not contain more than N lowercase characters.
static java.lang.String MAX_NUMERIC
          Must not contain more than N numeric characters.
static java.lang.String MAX_OCCURENCES
          A policy attribute that specifies the Maximum number of times one character can occur, irrespective of its placement in a string (e.g.
static java.lang.String MAX_REPETITIVE
          A policy attribute that specifies the maximum number of repetitive, adajcent characters or numbers in the string (e.g.
static java.lang.String MAX_SEQUENTIAL
          A policy attribute that specifies the maximum number of sequential numbers (e.g.
static java.lang.String MAX_SPECIAL
          Must not contain more than N special characters.
static java.lang.String MAX_UPPER
          Must not contain more than N uppercase characters.
static java.lang.String MIN_ALPHA
          A policy attribute that specifies the minimum number of alphabetic characters
static java.lang.String MIN_CHAR_TYPE_RULES_REQUIRED_TO_PASS
          A policy attribute that specifies how many of the selected character type rules have to pass for validation to succeed
static java.lang.String MIN_EMBEDDED_NUMERIC
          The number of embedded numeric chars required (not the first or last)
static java.lang.String MIN_LEN
          A policy attribute that specifies the minimum length of the string.
static java.lang.String MIN_LOWER
          A policy attribute that specifies the minimum number of lowercase letters
static java.lang.String MIN_NUMERIC
          A policy attribute that specifies the minimum number of numeric characters
static java.lang.String MIN_SPECIAL
          Must contain N special chars
static java.lang.String MIN_START_ALPHA
          The number of alpha chars required at beginning
static java.lang.String MIN_START_NUMERIC
          The number of numeric chars required at beginning
static java.lang.String MIN_UPPER
          A policy attribute that specifies the minimum number of uppercase letters
static java.lang.String MUST_MATCH_REGEXP
           
static java.lang.String MUST_NOT_CONTAIN
          A policy attribute that specifies the list of attribute values the value cannot contain (e.g.
static java.lang.String MUST_NOT_CONTAIN_WORDS
          A policy attribute that specifies the list of words the value cannot contain (e.g.
static java.lang.String[] NUMERIC_CHAR_TYPES
           
static java.lang.String PASSWORD_HISTORY_DEPTH
          A policy attribute that specifies the number of previous passwords that should be kept per user, per resource.
static java.lang.String PASSWORD_HISTORY_MAX_SIMILAR_CHARS_ALLOWED
          A policy attribute that specifies the maximum number of similar characters that can be reused when compared to previous passwords stored in password history.
static java.lang.String PROTONAME
          The name to use in our prototype instance.
static java.lang.String SPECIAL_CHARS
           
static java.lang.String TYPE
          A policy attribute that can be used to supply a string used to make formatting message clearer.
 
Fields inherited from class com.waveset.policy.PolicyImplementation
ALL_CHARS, NO_VALUE, trace
 
Constructor Summary
StringQualityPolicy()
          Create an empty policy object.
 
Method Summary
 void check(Policy policy, java.lang.Object value, java.util.Map map, java.util.List pwdhistory, java.lang.String owner)
          Tests a string for certain characteristics.
 void check(Policy policy, java.lang.Object value, java.lang.String owner)
          Analyzes a single value for adherance to the policy.
 java.lang.Object generate(Policy policy)
          Generate an identifier that is consistent with the policy.
 java.lang.Object generate(Policy policy, java.util.Map map, java.util.List pwdHistory)
          Generate an object that would pass the check() method for this policy.
 byte[] generateByteArray(Policy policy)
          Generate an identifier that is consistent with the policy.
 java.lang.Object getAllowedAttributeValues(java.lang.String name, java.lang.String type)
          Called by PolicyForm to decide whether to put up a multiselect in which case it returns a list of String, or a text box for Integer arguments.
static java.lang.String getAttributeDisplayName(java.lang.String attributeName)
           
static java.lang.String[] getAttributeNames()
           
 Policy getPrototype()
          Returns the prototype instance for this policy.
static boolean validCharacterRules(Policy policy)
           
 
Methods inherited from class com.waveset.policy.PolicyImplementation
checkPolicyArg, getAllowedAttributeValues, getAttributeFromUser, getBooleanAttribute, getContext, getIntAttribute, getIntAttribute, getObjectAttribute, getStringAttribute, getStringListAttribute, getUserPropertyName, getValue, setAttributeOnUser, setContext
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

code_id

public static final java.lang.String code_id
See Also:
Constant Field Values

PROTONAME

public static final java.lang.String PROTONAME
The name to use in our prototype instance.

See Also:
Constant Field Values

DESC

public static final java.lang.String DESC
The description to use in the prototype instance. !! This should be in a message catalog.

See Also:
Constant Field Values

TYPE

public static final java.lang.String TYPE
A policy attribute that can be used to supply a string used to make formatting message clearer. For example, if the policy is used for passwords, setting this policy attribute to "password" will make it clear what policy has been violated. This is especially important for StringQualityPolicy since it can be used in many contexts.


MIN_LEN

public static final java.lang.String MIN_LEN
A policy attribute that specifies the minimum length of the string.

See Also:
Constant Field Values

MAX_LEN

public static final java.lang.String MAX_LEN
A policy attribute that specifies the maximum length of the string.

See Also:
Constant Field Values

MIN_ALPHA

public static final java.lang.String MIN_ALPHA
A policy attribute that specifies the minimum number of alphabetic characters

See Also:
Constant Field Values

MIN_NUMERIC

public static final java.lang.String MIN_NUMERIC
A policy attribute that specifies the minimum number of numeric characters

See Also:
Constant Field Values

MIN_UPPER

public static final java.lang.String MIN_UPPER
A policy attribute that specifies the minimum number of uppercase letters

See Also:
Constant Field Values

MIN_LOWER

public static final java.lang.String MIN_LOWER
A policy attribute that specifies the minimum number of lowercase letters

See Also:
Constant Field Values

MAX_OCCURENCES

public static final java.lang.String MAX_OCCURENCES
A policy attribute that specifies the Maximum number of times one character can occur, irrespective of its placement in a string (e.g. abaca, 1f1gc1, etc.).

See Also:
Constant Field Values

MAX_REPETITIVE

public static final java.lang.String MAX_REPETITIVE
A policy attribute that specifies the maximum number of repetitive, adajcent characters or numbers in the string (e.g. aaabc, 11ff1, 665466, etc.)

See Also:
Constant Field Values

MAX_SEQUENTIAL

public static final java.lang.String MAX_SEQUENTIAL
A policy attribute that specifies the maximum number of sequential numbers (e.g. 1234, 567, etc.)

See Also:
Constant Field Values

MUST_NOT_CONTAIN

public static final java.lang.String MUST_NOT_CONTAIN
A policy attribute that specifies the list of attribute values the value cannot contain (e.g. password cannot contain accountId, lastname, or firstname)

See Also:
Constant Field Values

MUST_NOT_CONTAIN_WORDS

public static final java.lang.String MUST_NOT_CONTAIN_WORDS
A policy attribute that specifies the list of words the value cannot contain (e.g. password cannot contain Kraft, Nabisco, Cheese, etc.)

See Also:
Constant Field Values

MIN_START_ALPHA

public static final java.lang.String MIN_START_ALPHA
The number of alpha chars required at beginning

See Also:
Constant Field Values

MIN_START_NUMERIC

public static final java.lang.String MIN_START_NUMERIC
The number of numeric chars required at beginning

See Also:
Constant Field Values

MIN_EMBEDDED_NUMERIC

public static final java.lang.String MIN_EMBEDDED_NUMERIC
The number of embedded numeric chars required (not the first or last)

See Also:
Constant Field Values

MAX_EMBEDDED_SPACES

public static final java.lang.String MAX_EMBEDDED_SPACES
A policy attribute that specifies the maximum number of spaces that can be embedded in the string (no string can have leading or trailing spaces)

See Also:
Constant Field Values

MIN_CHAR_TYPE_RULES_REQUIRED_TO_PASS

public static final java.lang.String MIN_CHAR_TYPE_RULES_REQUIRED_TO_PASS
A policy attribute that specifies how many of the selected character type rules have to pass for validation to succeed

See Also:
Constant Field Values

MIN_SPECIAL

public static final java.lang.String MIN_SPECIAL
Must contain N special chars

See Also:
Constant Field Values

CHECK_DICTIONARY

public static final java.lang.String CHECK_DICTIONARY
See Also:
Constant Field Values

MAX_ALPHA

public static final java.lang.String MAX_ALPHA
Must not contain more than N alpha characters.

See Also:
Constant Field Values

MAX_NUMERIC

public static final java.lang.String MAX_NUMERIC
Must not contain more than N numeric characters.

See Also:
Constant Field Values

MAX_UPPER

public static final java.lang.String MAX_UPPER
Must not contain more than N uppercase characters.

See Also:
Constant Field Values

MAX_LOWER

public static final java.lang.String MAX_LOWER
Must not contain more than N lowercase characters.

See Also:
Constant Field Values

MAX_SPECIAL

public static final java.lang.String MAX_SPECIAL
Must not contain more than N special characters.

See Also:
Constant Field Values

DN_FORMAT

public static final java.lang.String DN_FORMAT
Flag to indicate that the account Id must conform to the LDAP DN format

See Also:
Constant Field Values

SPECIAL_CHARS

public static final java.lang.String SPECIAL_CHARS
See Also:
Constant Field Values

LENGTH_RULES

public static final java.lang.String[] LENGTH_RULES

CHAR_TYPE_RULES

public static final java.lang.String[] CHAR_TYPE_RULES

ALLOWED_ALL_CHAR_TYPES

public static final java.lang.String[] ALLOWED_ALL_CHAR_TYPES

ALPHA_CHAR_TYPES

public static final java.lang.String[] ALPHA_CHAR_TYPES

NUMERIC_CHAR_TYPES

public static final java.lang.String[] NUMERIC_CHAR_TYPES

INCOMPATIBLE_NUMERIC_RULES

public static final java.lang.String[] INCOMPATIBLE_NUMERIC_RULES

INCOMPATIBLE_START_RULES

public static final java.lang.String[] INCOMPATIBLE_START_RULES

INCOMPATIBLE_CHAR_TYPE_RULES

public static final java.lang.String[][] INCOMPATIBLE_CHAR_TYPE_RULES

PASSWORD_HISTORY_DEPTH

public static final java.lang.String PASSWORD_HISTORY_DEPTH
A policy attribute that specifies the number of previous passwords that should be kept per user, per resource. These previous passwords will be used to validate that a user's new password does not match any of the "history depth" stored previous passwords. All store passwords are one-way hashed for privacy.

See Also:
Constant Field Values

PASSWORD_HISTORY_MAX_SIMILAR_CHARS_ALLOWED

public static final java.lang.String PASSWORD_HISTORY_MAX_SIMILAR_CHARS_ALLOWED
A policy attribute that specifies the maximum number of similar characters that can be reused when compared to previous passwords stored in password history. The previous passwords will be used to validate that a user's new password is not similar to any of the "history depth" stored previous passwords, where similar to means that there are no more than 'n' number of characters that are the same in the new password as any of the previous ones. For example, specifying max similar chars with a value of '8' would prevent a user from specifying passwords like "password1", "password2", "password3", etc. Exact match will still be check for first. If no exact match is found and this policy attribute's value is not 0, this "similar to" check will be performed on each previous password. Since this requires the ability to do byte-by-byte comparisons of the new password with the previous ones, the previous passwords can no longer be hashed, but instead are now encrypted.

See Also:
Constant Field Values

DISALLOW_DUPLICATE_ANSWERS

public static final java.lang.String DISALLOW_DUPLICATE_ANSWERS
A policy attribute that determines whether answers to Authentication Questions can be duplicated within a login interface.

See Also:
Constant Field Values

KEY_OTHER_ANSWERS

public static final java.lang.String KEY_OTHER_ANSWERS
Key into map for list of other answers, used when checking (DISALLOW_DUPLICATE_ANSWERS)

See Also:
Constant Field Values

DISALLOW_QUESTION_WORDS_IN_ANSWERS

public static final java.lang.String DISALLOW_QUESTION_WORDS_IN_ANSWERS
A policy attribute that determines whether answers may contain words from the corresponding question.

See Also:
Constant Field Values

KEY_QUESTION_WORDS

public static final java.lang.String KEY_QUESTION_WORDS
Key into map for list of question words, used when checking (DISALLOW_QUESTION_WRODS_IN_ANSWERS)

See Also:
Constant Field Values

DONT_MATCH_REGEXP

public static final java.lang.String DONT_MATCH_REGEXP
Attributes for unimplemented policy restrictions

See Also:
Constant Field Values

MUST_MATCH_REGEXP

public static final java.lang.String MUST_MATCH_REGEXP
See Also:
Constant Field Values
Constructor Detail

StringQualityPolicy

public StringQualityPolicy()
Create an empty policy object.

Method Detail

getPrototype

public Policy getPrototype()
                    throws WavesetException
Returns the prototype instance for this policy.

Specified by:
getPrototype in class PolicyImplementation
Throws:
WavesetException

getAttributeNames

public static java.lang.String[] getAttributeNames()

getAttributeDisplayName

public static java.lang.String getAttributeDisplayName(java.lang.String attributeName)

getAllowedAttributeValues

public java.lang.Object getAllowedAttributeValues(java.lang.String name,
                                                  java.lang.String type)
Called by PolicyForm to decide whether to put up a multiselect in which case it returns a list of String, or a text box for Integer arguments.


check

public void check(Policy policy,
                  java.lang.Object value,
                  java.util.Map map,
                  java.util.List pwdhistory,
                  java.lang.String owner)
           throws PolicyViolation,
                  WavesetException
Tests a string for certain characteristics.

Specified by:
check in class PolicyImplementation
Throws:
PolicyViolation
WavesetException

check

public void check(Policy policy,
                  java.lang.Object value,
                  java.lang.String owner)
           throws PolicyViolation,
                  WavesetException
Description copied from class: PolicyImplementation
Analyzes a single value for adherance to the policy.

A policy object representing a particular "instance" of this policy implementation is passed in. This object supplies zero or more "policy attributes" which can be used to tailor the behavior of the policy.

Specified by:
check in class PolicyImplementation
Throws:
PolicyViolation - if the value violates the policy.
WavesetException - if an internal error was encountered.

generate

public java.lang.Object generate(Policy policy,
                                 java.util.Map map,
                                 java.util.List pwdHistory)
                          throws WavesetException
Description copied from class: PolicyImplementation
Generate an object that would pass the check() method for this policy.

Overrides:
generate in class PolicyImplementation
Throws:
WavesetException

generate

public java.lang.Object generate(Policy policy)
                          throws WavesetException
Generate an identifier that is consistent with the policy.

Overrides:
generate in class PolicyImplementation
Throws:
WavesetException

generateByteArray

public byte[] generateByteArray(Policy policy)
                         throws WavesetException
Generate an identifier that is consistent with the policy.

Overrides:
generateByteArray in class PolicyImplementation
Throws:
WavesetException

validCharacterRules

public static boolean validCharacterRules(Policy policy)
                                   throws WavesetException
Throws:
WavesetException