Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Java > regular expressions

Reply
Thread Tools

regular expressions

 
 
2rajesh.b@gmail.com
Guest
Posts: n/a
 
      04-24-2006
The password is at least six characters long.

The password contains characters from at least three of the following
five categories:
English uppercase characters (A - Z)
English lowercase characters (a - z)
Base 10 digits (0 - 9)
Non-alphanumeric (for example: !, $, #, or %)
Unicode characters

can u please help me in writing a regular expression for the above
condition

 
Reply With Quote
 
 
 
 
Rhino
Guest
Posts: n/a
 
      04-24-2006
If you read this -
http://java.sun.com/docs/books/tutor...gex/index.html - you should
be able to do your own homework.

If that doesn't work, post your best guess to comp.lang.java.help and tell
us what parts of the code don't work and someone will probably give you a
hint about what you need to do differently.

--
Rhino

<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
The password is at least six characters long.

The password contains characters from at least three of the following
five categories:
English uppercase characters (A - Z)
English lowercase characters (a - z)
Base 10 digits (0 - 9)
Non-alphanumeric (for example: !, $, #, or %)
Unicode characters

can u please help me in writing a regular expression for the above
condition


 
Reply With Quote
 
 
 
 
Larry Barowski
Guest
Posts: n/a
 
      04-24-2006

"Rhino" <(E-Mail Removed)> wrote in message
news:d743g.437$(E-Mail Removed)...
> If you read this -
> http://java.sun.com/docs/books/tutor...gex/index.html - you
> should be able to do your own homework.


I doubt that it's homework since there isn't a concise regular
expression that fits the bill. That would be a pretty goofy
homework question. Either way, I would suggest that a
regular expression is not the best way to validate that
password.


 
Reply With Quote
 
Roedy Green
Guest
Posts: n/a
 
      04-24-2006
On 24 Apr 2006 05:50:55 -0700, http://www.velocityreviews.com/forums/(E-Mail Removed) wrote, quoted or
indirectly quoted someone who said :

>The password contains characters from at least three of the following
>five categories:
>=B7 English uppercase characters (A - Z)
>=B7 English lowercase characters (a - z)
>=B7 Base 10 digits (0 - 9)
>=B7 Non-alphanumeric (for example: !, $, #, or %)
>=B7 Unicode characters
>
>can u please help me in writing a regular expression for the above
>condition


I think it would be easier to solve this with a char loop that with a
regex. Regexes are about pattern character order. To you, order does
not matter.

Proceed something like this:

invent an Category enum with values
UPPERCASE LOWERCASE DIGITS PUNCT UNICODE

Write a method that categorises a char.

Now your code becomes:

int possibilities = Category.values().length;
boolean present = new boolean[ possibilities ];
for ( int i=0; i<pwlen; i++ )
{
char c = pw[i]; /* or pw.charAt(i)*/
Category cat = Category.categorise( c );
present[ cat.ordinal() ] = true;
}

int cats = 0;
for (int possibility; possibility<possibilities; possibility++)
{
if ( present[ possibility ] cats ++;
}

if ( cats >= 3 ) System.out.println( "password sufficiently varied");

For code to generate random passwords, see
http://mindprod.com/applets/password.html

You might find it easier to generate them that test them.
--
Canadian Mind Products, Roedy Green.
http://mindprod.com Java custom programming, consulting and coaching.
 
Reply With Quote
 
Oliver Wong
Guest
Posts: n/a
 
      04-25-2006
<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> The password is at least six characters long.
>
> The password contains characters from at least three of the following
> five categories:
> English uppercase characters (A - Z)
> English lowercase characters (a - z)
> Base 10 digits (0 - 9)
> Non-alphanumeric (for example: !, $, #, or %)
> Unicode characters
>
> can u please help me in writing a regular expression for the above
> condition


All of categories are mutually exclusive except for "Unicode
characters". And any character that you can get in memory via a program
written in Java is a "unicode character", so that last category seems pretty
redundant. Perhaps you mean something like a character within Unicode, but
outside of ASCII?

I'm asking you for clarification because it sounds like the above
requirements were not dreamt up by you, and so you should in turn be asking
whoever assigned you with this task for clarification.

- Oliver

 
Reply With Quote
 
Roedy Green
Guest
Posts: n/a
 
      04-25-2006
On Tue, 25 Apr 2006 19:08:12 GMT, "Oliver Wong" <(E-Mail Removed)>
wrote, quoted or indirectly quoted someone who said :

> All of categories are mutually exclusive except for "Unicode
>characters". And any character that you can get in memory via a program
>written in Java is a "unicode character", so that last category seems pretty
>redundant. Perhaps you mean something like a character within Unicode, but
>outside of ASCII?


I think that is what he meant, something like &oacute; or &rArr; You
just want to mix up the categories to foil a simple dictionary search.

You could do it pretty easily with a giant switch. Unfortunately
switches don't implement ranges, so you have have to code that
manually if you don't want to spell it out longhand. default handles
the unicode. You might add control character category and reject
such passwords. Putting whitespace on either end of a password is not
a wise idea.

--
Canadian Mind Products, Roedy Green.
http://mindprod.com Java custom programming, consulting and coaching.
 
Reply With Quote
 
Oliver Wong
Guest
Posts: n/a
 
      04-25-2006

"Roedy Green" <(E-Mail Removed) > wrote in
message news:(E-Mail Removed)...
> On Tue, 25 Apr 2006 19:08:12 GMT, "Oliver Wong" <(E-Mail Removed)>
> wrote, quoted or indirectly quoted someone who said :
>
>> All of categories are mutually exclusive except for "Unicode
>>characters". And any character that you can get in memory via a program
>>written in Java is a "unicode character", so that last category seems
>>pretty
>>redundant. Perhaps you mean something like a character within Unicode, but
>>outside of ASCII?

>
> I think that is what he meant, something like &oacute; or &rArr; You
> just want to mix up the categories to foil a simple dictionary search.
>
> You could do it pretty easily with a giant switch. Unfortunately
> switches don't implement ranges, so you have have to code that
> manually if you don't want to spell it out longhand.


To test whether a given unicode character is outside of (or inside of,
for that matter) ASCII, you could serialize it to ASCII, then re-read the
ASCII data back into an in-memory Java string, and check if you still have
the same original character that you started with. I believe what most ASCII
encoders do for characters outside of ASCII is replace them with the '?'
character.

> default handles
> the unicode. You might add control character category and reject
> such passwords. Putting whitespace on either end of a password is not
> a wise idea.


I suspect whitespace isn't that big of a problem, because any password
validationg system which performs a trim() on the password before processing
it is probably very poorly designed. Control characters (e.g. backspace,
EOF, etc.) is probably a very bad idea, because different systems will
handle them differently. Using outside-of-ASCII characters is also a bit
risky for web based authentication, because one day you might be trying to
access your site from a terminal which only supports ASCII. As Unicode
support becomes more widespread, this will probably be less of an issue.

One particularly bad password system implementation is Microsoft's ".NET
Passport" (which actually has very little to do with the .NET platform, to
which C# usually compiles). When you create your passport account, your
password is silently truncated to something like 12 or 14 characters; but
when you validate your password, it doesn't get truncated.

So if I create a new account with the password "1234567890ABCDEF", the
database will be updated to say that my password is "1234567890AB", but the
website never mentions that truncation has occured. Then when I try to log
on with the password "1234567890ABCDEF", it compares "1234567890ABCDEF"
(what I wrote) against "1234567890AB" (what's in the DB), sees that they are
not equal, and tell me that my password is incorrect.

It took me several days to figure out why my 20 character password
wasn't working.

- Oliver

 
Reply With Quote
 
Chris Uppal
Guest
Posts: n/a
 
      04-26-2006
Oliver Wong wrote:

> To test whether a given unicode character is outside of (or inside of,
> for that matter) ASCII, you could serialize it to ASCII, then re-read the
> ASCII data back into an in-memory Java string, and check if you still have
> the same original character that you started with.


What's wrong with just testing whether it's < 128 ?


> So if I create a new account with the password "1234567890ABCDEF", the
> database will be updated to say that my password is "1234567890AB", but
> the website never mentions that truncation has occured. Then when I try
> to log on with the password "1234567890ABCDEF", it compares
> "1234567890ABCDEF" (what I wrote) against "1234567890AB" (what's in the
> DB), sees that they are not equal, and tell me that my password is
> incorrect.


I think it was Sun who (inspired to a display of the very highest technical
standards), mapped my user-id and password to lower case before entering them
into the database, but didn't perform the same mapping when checking them
later...

-- chris



 
Reply With Quote
 
Oliver Wong
Guest
Posts: n/a
 
      04-26-2006

"Chris Uppal" <(E-Mail Removed)-THIS.org> wrote in message
news:444f5db2$1$653$(E-Mail Removed)...
> Oliver Wong wrote:
>
>> To test whether a given unicode character is outside of (or inside
>> of,
>> for that matter) ASCII, you could serialize it to ASCII, then re-read the
>> ASCII data back into an in-memory Java string, and check if you still
>> have
>> the same original character that you started with.

>
> What's wrong with just testing whether it's < 128 ?


Erm, er... I was trying to write code that didn't depend on the internal
encoding being UTF-16. Yeah, that's it. More robust and all that. I mean,
what if in Java 7, they decide to switch to EBCDIC internally, huh?

- Oliver

 
Reply With Quote
 
Morten Alver
Guest
Posts: n/a
 
      04-26-2006
Oliver Wong wrote:
>
> "Chris Uppal" <(E-Mail Removed)-THIS.org> wrote in message
> news:444f5db2$1$653$(E-Mail Removed)...
>
>> Oliver Wong wrote:
>>
>>> To test whether a given unicode character is outside of (or
>>> inside of,
>>> for that matter) ASCII, you could serialize it to ASCII, then re-read
>>> the
>>> ASCII data back into an in-memory Java string, and check if you still
>>> have
>>> the same original character that you started with.

>>
>>
>> What's wrong with just testing whether it's < 128 ?

>
>
> Erm, er... I was trying to write code that didn't depend on the
> internal encoding being UTF-16. Yeah, that's it. More robust and all
> that. I mean, what if in Java 7, they decide to switch to EBCDIC
> internally, huh?


You can also query a CharsetEncoder (which you can get from the
newEncoder() method of a Charset) whether it can encode a char or a
CharSequence, using the canEncode() method. This is useful in general
for detecting whether the charset you are using supports all the
characters you'd like to write.


--
Morten
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Custom Regular Expressions in ASP.net Jay Douglas ASP .Net 3 11-03-2003 08:09 PM
Regular expressions mark Perl 4 10-28-2003 12:37 PM
perl regular expressions return last matched occurence? Dustin D. Perl 1 08-28-2003 01:51 AM
matching curly braces and regular expressions Dustin D. Perl 0 08-26-2003 11:18 PM
Add custom regular expressions to the validation list of available expressions Jay Douglas ASP .Net 0 08-15-2003 10:19 PM



Advertisments