[xwiki-devs] Regex validation of password on registration page

Guillaume Lerouge asked me on IRC if one could choose a regex for validating a password which a user chooses. This was the question: CalebJamesDeLisl: do you know whether it's possible to specify a regex for the password check in the new registration screen? <glerouge> like, if the password does not have at least 3 numbers, 3 lowecase letters and 3 uppercase letters refuse it Since he was gone when I woke up, I decided to answer here. The answer is yes it is quite possible, in fact there is a regex being used already at the moment the regex only forces the user to choose a password longer than 5 characters but it can be changed in the configuration at the top of the registration page. The configuration looks like this: ## ##The password field, mandatory and must be at least 6 characters long. #set($field = {'name' : 'register_password', 'label' : $msg.get('core.register.password'), 'params' : { 'type' : 'password', 'size' : '10' }, 'validate' : { 'mandatory' : { 'failureMessage' : $msg.get('xe.admin.registration.fieldMandatory') }, 'regex' : { 'pattern' : '/.{6,}/', 'failureMessage' : $msg.get('xe.admin.registration.passwordTooShort') } } }) and where it says /.{6,}/ is where you would put the expression (and you would probably want to change the failure message) Note that you may not add another regular expression below the one already existing because the data is stored as a map and a map can only have one value for the key 'regex'. Caleb