WPIA git - gigi.git/commit - src/club/wpia/gigi/Gigi.java

add: optionally check pwned passwords

A new configuration option is added, specifying the path to a file of
known password hashes which Gigi will refuse to accept for user
accounts. If the option is not specified, Gigi attempts to use the Pwned
Passwords database (see the pwned-passwords-bin package) but continues
startup if the database cannot be opened. This is intended to be useful
for developers: production users should always configure the path to the
file explicitly, so that Gigi will refuse to start if the file cannot be
accessed for whatever reason.

The PasswordHashChecker, if used, is chained behind the usual
PasswordStrengthChecker using a DelegatingPasswordChecker.

Change-Id: I9e54bd45fa35d7ea81d44677f50635d6ab8514e0

author	Lucas Werkmeister <mail@lucaswerkmeister.de>
	Sat, 2 Jun 2018 19:53:15 +0000 (21:53 +0200)
committer	Lucas Werkmeister <mail@lucaswerkmeister.de>
	Tue, 12 Jun 2018 18:31:25 +0000 (20:31 +0200)
commit	135e6c4a1a81bb3ea5db81d5d3a619f0c30130ab
tree	3a6ac8842f50d38b87b134e96ca5fd665310c3f5	tree \| snapshot
parent	3bcfce78399cac2b4f7ad36853a28c866e3fb721	commit \| diff

config/gigi.properties.template		diff \| blob \| history
debian/control		diff \| blob \| history
debian/gigi.properties.5		diff \| blob \| history
src/club/wpia/gigi/Gigi.java		diff \| blob \| history