aspose file tools*
The moose likes Beginning Java and the fly likes Regular Expressions help Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Beginning Java
Bookmark "Regular Expressions help" Watch "Regular Expressions help" New topic
Author

Regular Expressions help

tom davies
Ranch Hand

Joined: Apr 27, 2012
Posts: 168
I am trying to make a regular expression in the form of a password validator.
I want the passwords to be between 8 and 12 characters long and contain at least 1 lower case character, upper case character, digit, and a selection of special characters.
I also want to make sure it doesn't start with anything like 123, abc or ABC.
Below is what i have so far, i am not sure how to check if the first 3 characters match the sequences above what i have tried so far just matches a single character, also some passwords are accepted even if they contain only upper case letters.

Mansukhdeep Thind
Ranch Hand

Joined: Jul 27, 2010
Posts: 1157

Give me examples of what you would consider as a valid and invalid password? The we can start framing the filter expression.


~ Mansukh
fred rosenberger
lowercase baba
Bartender

Joined: Oct 02, 2003
Posts: 11422
    
  16

My suggestion would be to NOT try and do this with a single regex. I'd personally write several methods, each which does a specific test. If your password requirements change in a week or a year and you have one regex, you have to basically start over. However, if you have 12 methods that each do one thing, it is much easier.

So, I'd have a methods that:

  • checks to be sure it is at least 8 chars
  • checks to be sure it is no more than 12 chars
  • checks to be sure it has at least one lowercase letter
  • etc..


  • Notice that by breaking it out this way, each piece is almost trivial to write. Then you have one encompassing method that calls each of these. When you password requirements change, it will be a piece of cake to come back and update your code.


    There are only two hard things in computer science: cache invalidation, naming things, and off-by-one errors
    tom davies
    Ranch Hand

    Joined: Apr 27, 2012
    Posts: 168
    Mansukhdeep Thind wrote:Give me examples of what you would consider as a valid and invalid password? The we can start framing the filter expression.


    Valid passwords could be
    ahorQE1!?
    @weAD35q
    Any combination of letters (capital or lowercase), numbers and the special characters !$£*?#@

    Invalid passwords would be
    abcrtfQR1
    123FHTabv!
    ar@
    gor!@345teoaq
    A password starting with abc, ABC or 123 or one which is less than 8 or greater than 12 characters. An invalid password would also not have at least 1 lowercase letter, uppercase letter, digit and special character

    Splitting it up would make it much simper to check which bits were and were not working. I would still have the problem of not knowing how to check for invalid passwords starting with the sequences abc, 123 etc

    Joanne Neal
    Rancher

    Joined: Aug 05, 2005
    Posts: 3681
        
      16
    fred rosenberger wrote:So, I'd have a methods that:

  • checks to be sure it is at least 8 chars
  • checks to be sure it is no more than 12 chars
  • checks to be sure it has at least one lowercase letter
  • etc..

  • I think it's implied in Fred's post but to be clear, not all of these methods need to use regex. There will be better options for some of them.


    Joanne
    Mansukhdeep Thind
    Ranch Hand

    Joined: Jul 27, 2010
    Posts: 1157

    Go with Fred's advice Tom. Follow basic principle of isolating required functionality amongst different methods. Within those methods, you could use regex to validate a single condition. For the how part, you need to study regex carefully. My advice would be to start with simpler use cases at first. Then gradually move on to more complex scenarios.
    Joanne Neal
    Rancher

    Joined: Aug 05, 2005
    Posts: 3681
        
      16
    tom davies wrote:A password starting with abc, ABC or 123

    Is it just abc and 123 which is invalid or is bcd, def, 456, etc invalid as well.
    i.e. is it any three consecutive characters that you want to avoid ?
    If so, run the following code and see if that gives you any ideas.
    tom davies
    Ranch Hand

    Joined: Apr 27, 2012
    Posts: 168
    Currently it is only abc not other consecutive characters. Thanks for the help though and i will see what i can come up with.
    fred rosenberger
    lowercase baba
    Bartender

    Joined: Oct 02, 2003
    Posts: 11422
        
      16

    well...as with all programming problems, the best way to figure out how to do it is to turn off you computer, and write out the steps IN ENGLISH (or whatever natural language you choose) as if you were explaining to a small child how to do it.

    Once you do that, and revise/simplify it 4-5 times, THEN you start coding it.
    tom davies
    Ranch Hand

    Joined: Apr 27, 2012
    Posts: 168
    Ok i have some more questions regarding regular expressions.
    It is the same problem but i am revisiting it because i didn't get a fully working model.
    I am starting from scratch and trying to get each part working separately, i have this which ensures i have at least one upper and lowercase letter as well as a digit and special character.
    The only problem is it will only work if i enter them in the order given, how would i let it be in any order?
    Jeff Verdegan
    Bartender

    Joined: Jan 03, 2004
    Posts: 6109
        
        6

    tom davies wrote:
    The only problem is it will only work if i enter them in the order given, how would i let it be in any order?


    I think it's already been suggested, but you'll make your life a lot easier by having separate tests for each rule--and separate regexes (for those tests where a regex is warranted).

    You can achieve what you want with a single regex, but it will be ugly and hard to maintain, and there's no real benefit to doing it that way.

     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: Regular Expressions help