CSJCurrent en:Password Functions

Aus Cryptshare Documentation
Version vom 13. Oktober 2021, 11:17 Uhr von Maintenance script (Diskussion | Beiträge) (Imported from text file)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu:Navigation, Suche



When doing a Cryptshare Transfer, you can specify a password that will be required to access the transferred files. However, this password needs to fulfill the requirements of the Password Policy set up on the Cryptshare Server. You can have the Cryptshare Server check a password to make sure that it fulfills the requirements of the Password Policy or you can have the Cryptshare Server generate a password for you.

Requesting a Server Generated Password

You can request a new password from the Cryptshare Server by calling the Client's method requestPassword(int). In order to use this method, the sender address or the Client instance will have to be verified (see Verification). The method requires the desired length of the new password as a parameter and returns a new password of the given length that is compatible with the Password Policy set up on the Cryptshare Server. You can then use this password as the password for a Cryptshare File Transfer operation. If the specified length is less than the required minimum length defined in the Password Policy, then the minimum length will be used.

Example: Requesting a Password

// First create the Client instance
// Create a WebServiceUri for your Cryptshare Server 
WebServiceUri serviceUri = new WebServiceUri("https://cryptshare.server.com");
 
// Create a CryptshareConnection instance for your WebServiceUri
CryptshareConnection connection = new CryptshareConnection(serviceUri);
 
// Create the Client instance with the sender's email address, 
// the CryptshareConnection, and the path to the verification store.
Client client = new Client("sender_email@server.com", connection, Paths.get("C:\\\\temp"));

// Assuming that either the sender address or the client is already verified,
// we can now request a new password of length 8, for example.
String password = client.requestPassword(8);

Validating a given Password

If you would like to choose your own password for a Cryptshare File Transfer, then you can have that password validated by the Cryptshare Server to make sure that it is compatible with the server's Password Policy. Otherwise, you will get an error when trying to initiate a Cryptshare File Transfer with an invalid password. The Client's method checkPassword(String) takes the password to check as a parameter and returns a PasswordPolicy instance, containing the result of the Password Policy check for the given password.

Example: Requesting a Password

// First create the Client instance
// Create a WebServiceUri for your Cryptshare Server 
WebServiceUri serviceUri = new WebServiceUri("https://cryptshare.server.com");
 
// Create a CryptshareConnection instance for your WebServiceUri
CryptshareConnection connection = new CryptshareConnection(serviceUri);
 
// Create the Client instance with the sender's email address, 
// the CryptshareConnection, and the path to the verification store.
Client client = new Client("sender_email@server.com", connection, Paths.get("C:\\\\temp"));

// Assuming that either the sender address or the client is already verified,
// we can now request to have our password, for instance 'password123' validated.
String passwordToCheck = "password123";
PasswordCheckResult result = client.checkPassword(passwordToCheck);

// The security strength of the given password as a float in the range from 
// 0.0f - 1.0f with 1.0f being most secure.
System.out.println("password security = " + result.getSecurity());

// The PasswordCheckResult object also contains the results of the test for the 
// given password        
System.out.println("Is password too short?: " + result.isTooShort());
System.out.println("Is password too long?: " + result.isTooLong());
System.out.println("Does password not fulfil all requirements?: " + 	
							result.isInsufficientCharacteristics());
System.out.println("Does password have insufficient number of digits?: " + 
							result.isInsufficientDigits());
System.out.println("Does password not have enough alphabetic characters?: " +
							result.isInsufficientAlphabetical());
System.out.println("Does password not have sufficient special characters?: " + 
							result.isInsufficientSpecial());
System.out.println("Does password not have enough uppercase letters?: " +
							result.isInsufficientUpper());
System.out.println("Does password not have enough lowercase letters?: " + 
							result.isInsufficientLower());
System.out.println("Does password contain illegal whitespace?: " + 
							result.isIllegalWhitespace());
System.out.println("Is the password an illegal word?: " + 
							result.isIllegalWord());
System.out.println("Does the password contain an illegal sequence?: " +  
							result.isIllegalSequence());
System.out.println("Does the password contain an illegal repetition?: " + 
							result.isIllegalRepetition());

// The PasswordPolicy object also contains the configured settings of the 
// password policy to see how the policy is configured on the server
System.out.println("Minimum password length: " + passwordPolicy.getMinimumLength());
System.out.println("Maximum password length: " + passwordPolicy.getMaximumLength());
System.out.println("Must a password contain digits?: " + 
							passwordPolicy.isMustContainDigits());
System.out.println("Must a password contain characters?: " + 
							passwordPolicy.isMustContainChars());
System.out.println("Must a password contain special characters?: " + 
							passwordPolicy.isMustContainSpecialChars());
System.out.println("Must a password be upper/lower case?: " + 
							passwordPolicy.isMustBeUpperLowerCase());
System.out.println("Will a password that can be found in a dictionary be declined?: " + 
							passwordPolicy.isDictionaryDeclined());
System.out.println("Will a password containing a character repetition be declined?: " + 
							passwordPolicy.isCharRepetitionsDeclined());
System.out.println("Are whitespaces in a password allowed?: " + 
							passwordPolicy.isAllowWhitespaces());
System.out.println("Are alphabetical sequences in a password allowed?: " + 
							passwordPolicy.isAllowAlphabeticalSequence());
System.out.println("Are numeric sequences in a password allowed?: " + 
							passwordPolicy.isAllowNumericSequence());
System.out.println("Are QUERTY sequences in a password allowed?: " + 
							passwordPolicy.isAllowQwertySequence());

Request the password requirements

Example: Requesting a Password

// First create the Client instance
// Create a WebServiceUri for your Cryptshare Server 
WebServiceUri serviceUri = new WebServiceUri("https://cryptshare.server.com");
 
// Create a CryptshareConnection instance for your WebServiceUri
CryptshareConnection connection = new CryptshareConnection(serviceUri);
 
// Create the Client instance with the sender's email address, 
// the CryptshareConnection, and the path to the verification store.
Client client = new Client("sender_email@server.com", connection, Paths.get("C:\\\\temp"));

// Assuming that either the sender address or the client is already verified,
// we can now request the password requirements.
PasswordPolicy passwordPolicy = client.requestPasswordPolicy();

System.out.println("Minimum password length: " + passwordPolicy.getMinimumLength());
System.out.println("Maximum password length: " + passwordPolicy.getMaximumLength());
System.out.println("Must a password contain digits?: " + 
							passwordPolicy.isMustContainDigits());
System.out.println("Must a password contain characters?: " + 
							passwordPolicy.isMustContainChars());
System.out.println("Must a password contain special characters?: " + 
							passwordPolicy.isMustContainSpecialChars());
System.out.println("Must a password be upper/lower case?: " + 
							passwordPolicy.isMustBeUpperLowerCase());
System.out.println("Will a password that can be found in a dictionary be declined?: " + 
							passwordPolicy.isDictionaryDeclined());
System.out.println("Will a password containing a character repetition be declined?: " + 
							passwordPolicy.isCharRepetitionsDeclined());
System.out.println("Are whitespaces in a password allowed?: " + 
							passwordPolicy.isAllowWhitespaces());
System.out.println("Are alphabetical sequences in a password allowed?: " + 
							passwordPolicy.isAllowAlphabeticalSequence());
System.out.println("Are numeric sequences in a password allowed?: " + 
							passwordPolicy.isAllowNumericSequence());
System.out.println("Are QUERTY sequences in a password allowed?: " + 
							passwordPolicy.isAllowQwertySequence());
System.out.println("Which characters are not allowed?: " + 
							passwordPolicy.getBlacklist());