密码强度检查库 [英] Password strength checking library
问题描述
任何人都可以推荐一个包含适合在webapp中执行服务器端密码强度检查的方法的Java库。理想情况下,检查器应该是:
Can anyone recommend a Java library that contains methods that are suitable for performing server-side password strength checking in a webapp. Ideally the checker should be:
- 可配置,允许部署者提供不同的词典,调整不同标准的权重,等等
- 可扩展,允许在需要时实施新标准
- 在纯Java中实现
- 没有从根本上与标记库交织在一起,UI组件或密码管理功能
- 与GPL 3项目兼容
- 与Spring布线兼容
- mavenized(理想情况下可通过Maven Central获得)
- configurable, allowing the deployer to supply different dictionaries, adjust weights of different criteria, and so on
- extensible allowing new criteria to be implemented if required
- implemented in pure Java
- not fundamentally intertwined with a tag libraries, UI components or "password management" functionality
- compatible with a GPL 3 project
- compatible with Spring wiring
- mavenized (ideally available through Maven Central)
推荐答案
看看 vt-password :
- 可配置,允许部署者提供不同的词典,调整不同标准的权重,等等 - 部分(是可配置的,词典,不是加权标准)
- ex紧张,允许在需要时实施新标准 - 是
- 在纯Java中实现 - 是(和体面的javadoc)
- 没有从根本上与标签库,UI组件或密码管理功能交织在一起 - 是
- 与GPL 3项目兼容 - 是(截至2013年11月LGPLv3 / APLv2双重许可)
- 与Spring布线兼容 - 看起来像
- mavenized(理想情况下可通过Maven Central获得) - 是(从版本3.0开始在中央)
- configurable, allowing the deployer to supply different dictionaries, adjust weights of different criteria, and so on - Partially (yes to configurable, dictionaries, no to weighted criteria)
- extensible allowing new criteria to be implemented if required - Yes
- implemented in pure Java - Yes (and decent javadoc)
- not fundamentally intertwined with a tag libraries, UI components or "password management" functionality - Yes
- compatible with a GPL 3 project - Yes (LGPLv3/APLv2 dual-licensed as of November 2013)
- compatible with Spring wiring - Looks like
- mavenized (ideally available through Maven Central) - Yes (in central since version 3.0)
由@Stephen C更新。
Update by @Stephen C.
执行vt-password的人已经进行了大量的API改进因为问题最初得到了解答,其中一个结果是使用Spring IoC更容易配置类。他们还将其上传到Maven Central: http://mvnrepository.com/artifact/ edu.vt.middleware / vt-password
The guys who do vt-password have made a number of API improvements since the question was originally answered, and one of the outcomes is that the classes are much easier to configure using Spring IoC. They have also uploaded it to Maven Central: http://mvnrepository.com/artifact/edu.vt.middleware/vt-password
这篇关于密码强度检查库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
