add password validator

spring-security-login-and-registration/pom.xml

@@ -67,6 +67,14 @@
 			<scope>test</scope>
 		</dependency>
 
+        <!-- Password Validation -->
+        <dependency>
+		    <groupId>org.passay</groupId>
+		    <artifactId>passay</artifactId>
+		    <version>1.0</version>
+		</dependency>
+        
+        
         <!-- Spring Data JPA dependencies -->
         <dependency>
             <groupId>org.springframework.data</groupId>

spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserDto.java

@@ -1,32 +1,32 @@
 package org.baeldung.persistence.service;
 
 import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Size;
 
 import org.baeldung.validation.PasswordMatches;
 import org.baeldung.validation.ValidEmail;
-import org.hibernate.validator.constraints.NotEmpty;
+import org.baeldung.validation.ValidPassword;
 
 @PasswordMatches
 public class UserDto {
     @NotNull
-    @NotEmpty
+    @Size(min = 1)
     private String firstName;
 
     @NotNull
-    @NotEmpty
+    @Size(min = 1)
     private String lastName;
 
-    @NotNull
-    @NotEmpty
+    @ValidPassword
     private String password;
 
     @NotNull
-    @NotEmpty
+    @Size(min = 1)
     private String matchingPassword;
 
     @ValidEmail
     @NotNull
-    @NotEmpty
+    @Size(min = 1)
     private String email;
 
     public String getEmail() {

spring-security-login-and-registration/src/main/java/org/baeldung/validation/PasswordConstraintValidator.java

@@ -0,0 +1,38 @@
+package org.baeldung.validation;
+
+import java.util.Arrays;
+
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+
+import org.passay.DigitCharacterRule;
+import org.passay.LengthRule;
+import org.passay.PasswordData;
+import org.passay.PasswordValidator;
+import org.passay.RuleResult;
+import org.passay.SpecialCharacterRule;
+import org.passay.UppercaseCharacterRule;
+import org.passay.WhitespaceRule;
+
+import com.google.common.base.Joiner;
+
+public class PasswordConstraintValidator implements ConstraintValidator<ValidPassword, String> {
+
+    @Override
+    public void initialize(final ValidPassword arg0) {
+
+    }
+
+    @Override
+    public boolean isValid(final String password, final ConstraintValidatorContext context) {
+        final PasswordValidator validator = new PasswordValidator(Arrays.asList(new LengthRule(8, 30), new UppercaseCharacterRule(1), new DigitCharacterRule(1), new SpecialCharacterRule(1), new WhitespaceRule()));
+        final RuleResult result = validator.validate(new PasswordData(password));
+        if (result.isValid()) {
+            return true;
+        }
+        context.disableDefaultConstraintViolation();
+        context.buildConstraintViolationWithTemplate(Joiner.on("\n").join(validator.getMessages(result))).addConstraintViolation();
+        return false;
+    }
+
+}

spring-security-login-and-registration/src/main/java/org/baeldung/validation/ValidPassword.java

@@ -0,0 +1,27 @@
+package org.baeldung.validation;
+
+import static java.lang.annotation.ElementType.ANNOTATION_TYPE;
+import static java.lang.annotation.ElementType.FIELD;
+import static java.lang.annotation.ElementType.TYPE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import javax.validation.Constraint;
+import javax.validation.Payload;
+
+@Documented
+@Constraint(validatedBy = PasswordConstraintValidator.class)
+@Target({ TYPE, FIELD, ANNOTATION_TYPE })
+@Retention(RUNTIME)
+public @interface ValidPassword {
+
+    String message() default "Invalid Password";
+
+    Class<?>[] groups() default {};
+
+    Class<? extends Payload>[] payload() default {};
+
+}