morningman opened a new pull request, #60188:
URL: https://github.com/apache/doris/pull/60188
### What problem does this PR solve?
Enhance the validatePlainPassword function in MysqlPassword.java to fully
comply with MySQL's STRONG password validation policy.
Changes:
1. Require all 4 character types (digit, lowercase, uppercase, special
character) instead of the previous "3 out of 4" requirement.
2. Add dictionary word check to reject passwords containing common weak
words.
- Built-in dictionary includes common words like: password, admin, test,
root, etc.
- Support loading custom dictionary from external file via the new global
variable `validate_password_dictionary_file`.
3. Implement lazy loading for external dictionary file:
- Dictionary is loaded on first password validation call.
- Automatically reloads when the file path is changed.
- Falls back to built-in dictionary if file loading fails.
4. Improve error messages to clearly indicate which requirements are missing.
5. Add comprehensive unit tests for all validation scenarios.
New global variable:
- `validate_password_dictionary_file`: Path to custom dictionary file (one
word per line).
### Release note
None
### Check List (For Author)
- Test <!-- At least one of them must be included. -->
- [ ] Regression test
- [ ] Unit Test
- [ ] Manual test (add detailed scripts or steps below)
- [ ] No need to test or manual test. Explain why:
- [ ] This is a refactor/code format and no logic has been changed.
- [ ] Previous test can cover this change.
- [ ] No code files have been changed.
- [ ] Other reason <!-- Add your reason? -->
- Behavior changed:
- [ ] No.
- [ ] Yes. <!-- Explain the behavior change -->
- Does this need documentation?
- [ ] No.
- [ ] Yes. <!-- Add document PR link here. eg:
https://github.com/apache/doris-website/pull/1214 -->
### Check List (For Reviewer who merge this PR)
- [ ] Confirm the release note
- [ ] Confirm test cases
- [ ] Confirm document
- [ ] Add branch pick label <!-- Add branch pick label that this PR should
merge into -->
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
