update ldapchai and non-alpha pw-rule handling

server/pom.xml

@@ -190,7 +190,7 @@
         <dependency>
             <groupId>com.github.ldapchai</groupId>
             <artifactId>ldapchai</artifactId>
-            <version>0.7.3</version>
+            <version>0.7.4</version>
         </dependency>
         <dependency>
             <groupId>commons-net</groupId>

server/src/main/java/password/pwm/config/PwmSetting.java

@@ -492,6 +492,8 @@ public enum PwmSetting
             "password.policy.maximumAlpha", PwmSettingSyntax.NUMERIC, PwmSettingCategory.PASSWORD_POLICY ),
     PASSWORD_POLICY_MINIMUM_ALPHA(
             "password.policy.minimumAlpha", PwmSettingSyntax.NUMERIC, PwmSettingCategory.PASSWORD_POLICY ),
+    PASSWORD_POLICY_ALLOW_NON_ALPHA(
+            "password.policy.allowNonAlpha", PwmSettingSyntax.BOOLEAN, PwmSettingCategory.PASSWORD_POLICY ),
     PASSWORD_POLICY_MAXIMUM_NON_ALPHA(
             "password.policy.maximumNonAlpha", PwmSettingSyntax.NUMERIC, PwmSettingCategory.PASSWORD_POLICY ),
     PASSWORD_POLICY_MINIMUM_NON_ALPHA(

server/src/main/java/password/pwm/config/profile/PwmPasswordRule.java

@@ -280,6 +280,26 @@ public enum PwmPasswordRule
             ChaiPasswordRule.ADComplexityMaxViolation.getDefaultValue(),
             false ),
 
+    AllowNonAlpha(
+            ChaiPasswordRule.AllowNonAlpha,
+            PwmSetting.PASSWORD_POLICY_ALLOW_NON_ALPHA,
+            ChaiPasswordRule.AllowNonAlpha.getRuleType(),
+            ChaiPasswordRule.AllowNonAlpha.getDefaultValue(),
+            false ),
+
+    MinimumNonAlpha(
+            ChaiPasswordRule.MinimumNonAlpha,
+            PwmSetting.PASSWORD_POLICY_MINIMUM_NON_ALPHA,
+            ChaiPasswordRule.RuleType.MIN,
+            "0",
+            false ),
+
+    MaximumNonAlpha(
+            ChaiPasswordRule.MaximumNonAlpha,
+            PwmSetting.PASSWORD_POLICY_MAXIMUM_NON_ALPHA,
+            ChaiPasswordRule.RuleType.MAX,
+            "0",
+            false ),
 
     // pwm specific rules
     // value will be imported indirectly from chai rule
@@ -327,20 +347,6 @@ public enum PwmPasswordRule
             false
     ),
 
-    MinimumNonAlpha(
-            null,
-            PwmSetting.PASSWORD_POLICY_MINIMUM_NON_ALPHA,
-            ChaiPasswordRule.RuleType.MIN,
-            "0",
-            false ),
-
-    MaximumNonAlpha(
-            null,
-            PwmSetting.PASSWORD_POLICY_MAXIMUM_NON_ALPHA,
-            ChaiPasswordRule.RuleType.MAX,
-            "0",
-            false ),
-
     EnableWordlist(
             null,
             PwmSetting.PASSWORD_POLICY_ENABLE_WORDLIST,

server/src/main/java/password/pwm/util/PwmPasswordRuleValidator.java

@@ -885,15 +885,25 @@ public class PwmPasswordRuleValidator
         {
             final int numberOfNonAlphaChars = charCounter.getNonAlphaCharCount();
 
-            if ( numberOfNonAlphaChars < ruleHelper.readIntValue( PwmPasswordRule.MinimumNonAlpha ) )
+            if ( ruleHelper.readBooleanValue( PwmPasswordRule.AllowNonAlpha ) )
             {
-                errorList.add( new ErrorInformation( PwmError.PASSWORD_NOT_ENOUGH_NONALPHA ) );
-            }
+                if ( numberOfNonAlphaChars < ruleHelper.readIntValue( PwmPasswordRule.MinimumNonAlpha ) )
+                {
+                    errorList.add( new ErrorInformation( PwmError.PASSWORD_NOT_ENOUGH_NONALPHA ) );
+                }
 
-            final int maxNonAlpha = ruleHelper.readIntValue( PwmPasswordRule.MaximumNonAlpha );
-            if ( maxNonAlpha > 0 && numberOfNonAlphaChars > maxNonAlpha )
+                final int maxNonAlpha = ruleHelper.readIntValue( PwmPasswordRule.MaximumNonAlpha );
+                if ( maxNonAlpha > 0 && numberOfNonAlphaChars > maxNonAlpha )
+                {
+                    errorList.add( new ErrorInformation( PwmError.PASSWORD_TOO_MANY_NONALPHA ) );
+                }
+            }
+            else
             {
-                errorList.add( new ErrorInformation( PwmError.PASSWORD_TOO_MANY_NONALPHA ) );
+                if ( numberOfNonAlphaChars > 0 )
+                {
+                    errorList.add( new ErrorInformation( PwmError.PASSWORD_TOO_MANY_NONALPHA ) );
+                }
             }
         }
 

server/src/main/resources/password/pwm/config/PwmSetting.xml

@@ -1193,6 +1193,11 @@
             <value>0</value>
         </default>
     </setting>
+    <setting hidden="false" key="password.policy.allowNonAlpha" level="1" required="true">
+        <default>
+            <value>true</value>
+        </default>
+    </setting>
     <setting hidden="false" key="password.policy.maximumNonAlpha" level="1" required="true">
         <default>
             <value>0</value>

server/src/main/resources/password/pwm/i18n/Message.properties

@@ -110,6 +110,7 @@ Rule_MinimumUpperCase=Minimum Upper Case
 Rule_MaximumUpperCase=Maximum Upper Case
 Rule_MinimumLowerCase=Minimum Lower Case
 Rule_MaximumLowerCase=Maximum Lower Case
+Rule_AllowNonAlpha=Allow Non-Alpha
 Rule_AllowNumeric=Allow Numeric
 Rule_MinimumNumeric=Minimum Numeric
 Rule_MaximumNumeric=Maximum Numeric

server/src/main/resources/password/pwm/i18n/PwmSetting.properties

@@ -535,6 +535,7 @@ Setting_Description_password.policy.allowFirstCharNumeric=Enable this option to
 Setting_Description_password.policy.allowFirstCharSpecial=Enable this option to allow the first character of the password to be a special character.  Applies only if the password policy allows special characters.
 Setting_Description_password.policy.allowLastCharNumeric=Enable this option to allow the last character of the password to be numeric.  Applies only if the password policy allows numeric characters.
 Setting_Description_password.policy.allowLastCharSpecial=Enable this option to allow the last character of the password to be a special character.  Applies only if the password policy allows special characters.
+Setting_Description_password.policy.allowNonAlpha=Enable this option to allow non-alphabetic characters in the password.
 Setting_Description_password.policy.allowNumeric=Enable this option to allow numeric characters in the password.
 Setting_Description_password.policy.allowSpecial=Enable this option to allow special (non alpha-numeric) characters in the password.
 Setting_Description_password.policy.caseSensitivity=Enable this option to control if the password is case sensitive.  In most cases, @PwmAppName@ can read this from the directory, but in some cases, the system cannot correctly read this value, so you can override it here.
@@ -1054,6 +1055,7 @@ Setting_Label_password.policy.allowFirstCharNumeric=Allow First Character Numeri
 Setting_Label_password.policy.allowFirstCharSpecial=Allow First Character Special
 Setting_Label_password.policy.allowLastCharNumeric=Allow Last Character Numeric
 Setting_Label_password.policy.allowLastCharSpecial=Allow Last Character Special
+Setting_Label_password.policy.allowNonAlpha=Allow Non-Alphabetic Characters
 Setting_Label_password.policy.allowNumeric=Allow Numeric Characters
 Setting_Label_password.policy.allowSpecial=Allow Special Characters
 Setting_Label_password.policy.caseSensitivity=Password is Case Sensitive

server/src/test/java/password/pwm/config/profile/PwmPasswordRuleTest.java

@@ -0,0 +1,42 @@
+/*
+ * Password Management Servlets (PWM)
+ * http://www.pwm-project.org
+ *
+ * Copyright (c) 2006-2009 Novell, Inc.
+ * Copyright (c) 2009-2018 The PWM Project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+package password.pwm.config.profile;
+
+import org.junit.Test;
+import password.pwm.PwmConstants;
+
+public class PwmPasswordRuleTest
+{
+    @Test
+    public void testRuleLabels() throws Exception
+    {
+        for ( final PwmPasswordRule rule : PwmPasswordRule.values() )
+        {
+            final String value = rule.getLabel( PwmConstants.DEFAULT_LOCALE, null );
+            if ( value == null || value.contains( "MissingKey" ) )
+            {
+                throw new Exception(" missing label for PwmPasswordRule " + rule.name() );
+            }
+        }
+    }
+}

webapp/src/main/webapp/public/health.jsp

@@ -158,7 +158,7 @@
         }
 
         function handleWarnFlash() {
-            if (PWM_GLOBAL['pwm-health'] == "WARN") {
+            if (PWM_GLOBAL['pwm-health'] === "WARN") {
                 PWM_MAIN.flashDomElement(errorColor,'body',3000);
             }
         }