You would do this with a constraint in your user/person class on the password field. See http://grails.org/doc/latest/guide/s...%20Constraints
If your requirements are more complex than the standard constraint options then you can easily create a custom validator and define multiple rules there: http://grails.org/doc/latest/ref/Con...validator.html
For example here's a custom validator that requires that the password not be equal to the username, have between 8 and 64 characters, have at least one letter, at least one number, and at least one special character (one of !@#$%^&):
Code:
static constraints = {
password validator: { String password, user ->
if (user.username && user.username.equals(password)) {
return 'user.password.error.username'
}
if (password && password.length() >= 8 && password.length() <= 64 &&
(!password.matches('^.*\\p{Alpha}.*$') ||
!password.matches('^.*\\p{Digit}.*$') ||
!password.matches('^.*[!@#$%^&].*$'))) {
return 'user.password.error.username'
}
}
}
This assumes your user/person class name is User - if it's not then change the 'user.' prefix in the returned error codes. You'd also need to specify values for 'user.password.error.username' and 'user.password.error.username' in grails-app/i18n/messages.properties
Junior Member
Can I configure the password format in the Spring Security Plugin?
Reply With Quote
