diff --git a/spring-security-login-and-registration/pom.xml b/spring-security-login-and-registration/pom.xml
index 89ef8d571c..2f0988ea2d 100644
--- a/spring-security-login-and-registration/pom.xml
+++ b/spring-security-login-and-registration/pom.xml
@@ -67,6 +67,14 @@
test
+
+
+ org.passay
+ passay
+ 1.0
+
+
+
org.springframework.data
diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserDto.java b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserDto.java
index feaa3351e3..627aac81c4 100644
--- a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserDto.java
+++ b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserDto.java
@@ -1,32 +1,32 @@
package org.baeldung.persistence.service;
import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Size;
import org.baeldung.validation.PasswordMatches;
import org.baeldung.validation.ValidEmail;
-import org.hibernate.validator.constraints.NotEmpty;
+import org.baeldung.validation.ValidPassword;
@PasswordMatches
public class UserDto {
@NotNull
- @NotEmpty
+ @Size(min = 1)
private String firstName;
@NotNull
- @NotEmpty
+ @Size(min = 1)
private String lastName;
- @NotNull
- @NotEmpty
+ @ValidPassword
private String password;
@NotNull
- @NotEmpty
+ @Size(min = 1)
private String matchingPassword;
@ValidEmail
@NotNull
- @NotEmpty
+ @Size(min = 1)
private String email;
public String getEmail() {
diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/validation/PasswordConstraintValidator.java b/spring-security-login-and-registration/src/main/java/org/baeldung/validation/PasswordConstraintValidator.java
new file mode 100644
index 0000000000..80d06a0f69
--- /dev/null
+++ b/spring-security-login-and-registration/src/main/java/org/baeldung/validation/PasswordConstraintValidator.java
@@ -0,0 +1,38 @@
+package org.baeldung.validation;
+
+import java.util.Arrays;
+
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+
+import org.passay.DigitCharacterRule;
+import org.passay.LengthRule;
+import org.passay.PasswordData;
+import org.passay.PasswordValidator;
+import org.passay.RuleResult;
+import org.passay.SpecialCharacterRule;
+import org.passay.UppercaseCharacterRule;
+import org.passay.WhitespaceRule;
+
+import com.google.common.base.Joiner;
+
+public class PasswordConstraintValidator implements ConstraintValidator {
+
+ @Override
+ public void initialize(final ValidPassword arg0) {
+
+ }
+
+ @Override
+ public boolean isValid(final String password, final ConstraintValidatorContext context) {
+ final PasswordValidator validator = new PasswordValidator(Arrays.asList(new LengthRule(8, 30), new UppercaseCharacterRule(1), new DigitCharacterRule(1), new SpecialCharacterRule(1), new WhitespaceRule()));
+ final RuleResult result = validator.validate(new PasswordData(password));
+ if (result.isValid()) {
+ return true;
+ }
+ context.disableDefaultConstraintViolation();
+ context.buildConstraintViolationWithTemplate(Joiner.on("\n").join(validator.getMessages(result))).addConstraintViolation();
+ return false;
+ }
+
+}
diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/validation/ValidPassword.java b/spring-security-login-and-registration/src/main/java/org/baeldung/validation/ValidPassword.java
new file mode 100644
index 0000000000..37b217213a
--- /dev/null
+++ b/spring-security-login-and-registration/src/main/java/org/baeldung/validation/ValidPassword.java
@@ -0,0 +1,27 @@
+package org.baeldung.validation;
+
+import static java.lang.annotation.ElementType.ANNOTATION_TYPE;
+import static java.lang.annotation.ElementType.FIELD;
+import static java.lang.annotation.ElementType.TYPE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import javax.validation.Constraint;
+import javax.validation.Payload;
+
+@Documented
+@Constraint(validatedBy = PasswordConstraintValidator.class)
+@Target({ TYPE, FIELD, ANNOTATION_TYPE })
+@Retention(RUNTIME)
+public @interface ValidPassword {
+
+ String message() default "Invalid Password";
+
+ Class>[] groups() default {};
+
+ Class extends Payload>[] payload() default {};
+
+}