0

I am using following regular expression my java code. 

^.*(?=.{6,20})(?=.*[a-z].*[a-z])(?=.*[A-Z])(?=.*[0-9]).*$

When I am trying to use same in xml as 

^.\*(\?=.{6,20})(\?=.\*[a-z].\*[a-z])(\?=.\*[A-Z])(\?=.\*[0-9]).\*$

It is not working. It showing exception as below.

java.lang.IllegalArgumentException: cvc-pattern-valid: Value 'narendra1A' is not facet-valid with respect to pattern '^.*(\?=.{6,20})(\?=.*[a-z].*[a-z])(\?=.*[A-Z])(\?=.*[0-9]).*$' for type '#AnonType_passwordcreateUser'.

Can any one help in this regard.

Thanks,

Narendra

Improve this question
3
  • Unrelated to the question, but you should remove the first .* right after the ^. It's unnecessary and makes your regex very inefficient. Also, if you think you're restricting the password length to 6-20 characters, you're not. A 100-character string will pass this regex just fine. Commented Dec 8, 2010 at 11:01
  • 1
    Why is there an upper limit of 20 characters? Commented Dec 8, 2010 at 11:02
  • @Gumbo: Doesn't matter, any string longer than 5 characters will pass, if you look at the regex closely :) Commented Dec 8, 2010 at 11:03

4 Answers 4

Reset to default
3

This does not directly answer your question, but it may be a better option for you than trying to do password quality checks with regexes.

The vt-password library is an excellent Java library that implements rule-based password quality checking. In addition to counting characters / character classes, it does things like checking against dictionaries, checking for passwords used previously, checking for repeated characters, etc.

(If you are using Spring, it is pretty simple to configure the password rule objects in a Spring XML wiring file. This allows you to adjust the rules without changing your code.)

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Password Regular Expression Pattern

((?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%]).{6,20})

Description

(           # Start of group
  (?=.*\d)      #   must contains one digit from 0-9
  (?=.*[a-z])   #   must contains one lowercase characters
  (?=.*[A-Z])   #   must contains one uppercase characters
  (?=.*[@#$%])  #   must contains one special symbols in the list "@#$%"
     .          #     match anything with previous condition checking
       {6,20}   #        length at least 6 characters and maximum of 20 
)           # End of group
Improve this answer

1 Comment

Better use the complements instead of .. So \D*\d, [^a-z]*[a-z], [^A-Z]*[A-Z], etc.
0

Your pattern uses characters forbidden in XML document. To make things simple put password into CDATA.

Improve this answer

Comments

0

Try this

^.\*(\?:.{6,20})(\?:.\*[a-z].\*[a-z])(\?:.\*[A-Z])(\?:.\*[0-9]).\*$
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.