Package com.axelor.auth.password

Interface AuthPasswordManager

All Known Implementing Classes:

DefaultAuthPasswordManager

public interface AuthPasswordManager

Manages password validation by aggregating all registered PasswordPolicy rules.

Policies are contributed via Guice Multibindings, allowing downstream modules to add custom rules without replacing the manager.

Method Summary

Modifier and Type	Method	Description
List<PolicyDescription>	getDescriptions()	Returns the descriptions of all currently enabled policies, in evaluation order.
InvalidPolicy	validate(String password, User user)	Validates the given password against all registered policies.

Method Details

validate

InvalidPolicy validate(String password,
 @Nullable
 User user)

Validates the given password against all registered policies.

Policies are checked in sequence and stop at the first violation.

Parameters:

password - the plain-text password to validate

user - the user for context-aware checks, or null for new users

Returns:

an InvalidPolicy describing the first violated policy, or null if all policies pass

getDescriptions

List<PolicyDescription> getDescriptions()

Returns the descriptions of all currently enabled policies, in evaluation order. Policies that return null from PasswordPolicy.getDescription() are excluded.

The resulting list is intended to be displayed as guidance on the login or change-password page, before the user submits a new password.

Returns:

an ordered list of policy descriptions