Description
Non-alphanumeric characters look like this https://wci.llnl.gov/codes/basis/manual/node161.html
Seems, that next patterns are incorrect:
org.apache.syncope.core.provisioning.api.utils.policy.PolicyPattern#NON_ALPHANUMERIC = Pattern.compile(".*\\W.*"); p org.apache.syncope.core.provisioning.api.utils.policy.PolicyPattern#FIRST_NON_ALPHANUMERIC = Pattern.compile("\\W.*"); org.apache.syncope.core.provisioning.api.utils.policy.PolicyPattern#LAST_NON_ALPHANUMERIC = Pattern.compile(".*\\W");
Looks like these pattern should be anyhow symmetric to the:
org.apache.syncope.core.spring.security.DefaultPasswordGenerator#SPECIAL_CHARS = { '!', '£', '%', '&', '(', ')', '?', '#', '$' };
Maybe these patterns should look like these:
private static final Pattern NON_ALPHANUMERIC = Pattern.compile(".*[~!@#$%^&*_\\-`(){}\\[\\]:;\"'<>,.?/\\=\\+\\\\\\|].*"); private static final Pattern FIRST_NON_ALPHANUMERIC = Pattern.compile("[~!@#$%^&*_\\-`(){}\\[\\]:;\"'<>,.?/\\=\\+\\\\\\|].*"); private static final Pattern LAST_NON_ALPHANUMERIC = Pattern.compile(".*[~!@#$%^&*_\\-`(){}\\[\\]:;\"'<>,.?/\\=\\+\\\\\\|]");