Probably this is enforced in security.xsd, by schema XML like this (5.0-1):
> <xs:simpleType name="user-name"> > <xs:annotation> > <xs:documentation> > </xs:documentation> > <xs:appinfo> > </xs:appinfo> > </xs:annotation> > <xs:restriction base="xs:token"> > <xs:pattern value="[a-zA-Z0-9._@-]+"/> > <xs:minLength value="1"/> > </xs:restriction> > </xs:simpleType> Specifically, the xs:pattern will restrict user-name to ASCII alphanumerics, plus a few extra characters. As you've observed, the definition for role-name doesn't include a similar pattern restriction: > <xs:simpleType name="role-name"> > <xs:annotation> > <xs:documentation> > </xs:documentation> > <xs:appinfo> > </xs:appinfo> > </xs:annotation> > <xs:restriction base="xs:NMTOKEN"> > <xs:minLength value="1"/> > </xs:restriction> > </xs:simpleType> You might wonder if you can remove this by editing security.xsd? As far as I know you can, but you should not and I would recommend against it. Your tweak would be unsupported, and would be likely to introduce new problems. Maintaining the local change would become a headache, as well. Instead, if you want to make a case that this restriction is a bug, or submit an RFE to modify it, you should contact support. -- Mike On 2 Dec 2011, at 10:50 , Harry B. wrote: > The authentication system we have fronting our MarkLogic application allows > usernames with diacritics and double-byte characters. I have found that > MarkLogic will not let me create a username with these characters. For > example, a username of jóvenes throws SEC-BADUSERNAME: (err:FOER0000) New > user name is not valid when using the MarkLogic admin tool and an even > nastier looking error when using sec:create-user(). Same thing with a > username consisting of Chinese characters. > > What befuddles me is that I can use these characters for role names, > collections, etc. > > Is there a restriction on what characters are allowed in user names? Is there > something I can do with sec:create-user() to encode/decode the characters to > work? > > Thanks in advance, > Harry > _______________________________________________ > General mailing list > [email protected] > http://developer.marklogic.com/mailman/listinfo/general _______________________________________________ General mailing list [email protected] http://developer.marklogic.com/mailman/listinfo/general
