allowedcharacterrule allows to specify the characters which a password can include. consider the following example.

example

the below example shows the validation of a password against above policy using passay library.

import org.passay.allowedcharacterrule;
import org.passay.lengthrule;
import org.passay.passworddata;
import org.passay.passwordvalidator;
import org.passay.rule;
import org.passay.ruleresult;

public class passayexample {
   public static void main(string[] args) {
      //rule: password should contains only a, b and c       
      rule rule1 = new allowedcharacterrule(new char[] {'a', 'b', 'c'});
      //8 and 16 characters
      rule rule2 = new lengthrule(8, 16);    

      passwordvalidator validator = new passwordvalidator(rule1, rule2);
      passworddata password = new passworddata("abcabcab1");
      ruleresult result = validator.validate(password);

      if(result.isvalid()){
         system.out.println("password validated.");
      } else {
         system.out.println("invalid password: " + validator.getmessages(result));            
      }
   }
}

output

invalid password: [password contains the illegal character '1'.]