Re: Pattern regular expressions for poliices

Tue, 04 Nov 2014 06:30:40 -0800 

On 04/11/2014 14:16, Manfredo Hopp wrote:
HI Francesco, our user database has account ids expressed in digits and the idea is having the same id in syncope, but it seems that digits are not accepted since an expression like [0-9]+ throws 


19:45:50.464 ERROR 
org.apache.syncope.core.sync.impl.AbstractSyncopeResultHandler - Could 
not create USER 69
org.apache.syncope.core.persistence.validation.entity.InvalidEntityException: 
SyncopeUser [Standard, InvalidUsername]
        at 
org.apache.syncope.core.persistence.validation.entity.EntityValidationListener.validate(EntityValidationListener.java:49) 
~[EntityValidationListener.class:?]
        at sun.reflect.GeneratedMethodAccessor156.invoke(Unknown 
Source) ~[?:?]


Hi Manfredo,
I cannot replicate this problem.

In embedded mode from a fresh generated 1.2.1-SNAPSHOT project I have:


 1. created an account policy "onlyDigits" with only option for pattern 
([0-9]+)
 2. created a role "roleForOnlyDigits" and set it with the account 
policy above
 3. created a new user, assigned the roleForOnlyDigits role, set 
username to "test" - got validation error, as expected

 4. changed username to "12345678" - create completed successfully


This specific issue is also checked by 
org.apache.syncope.core.policy.AccountPolicyEnforcerTest#testExplicitPattern 
- see [2].


Regards.


2014-11-04 3:29 GMT-03:00 Francesco Chicchiriccò <[email protected] 
<mailto:[email protected]>>:


    On 03/11/2014 23:03, Manfredo Hopp wrote:

        Hello, I want to create accounts ids composed only by digits,
        and get InvaledUserName as result of
        EntityValidationListener.validate.

        My guess is that validation is controlled by AccountPolicies
        where I can see an entry for regular expressions, which is not
        documented,

        Entering a regular expression doesnt change anithing, so waht
        is that item for?
        And where can I control name ids?


    Hi,
    you are right, the pattern option for account policies -
    introduced with 1.2.0 - is not yet reported at [1].

    When you define a policy (account, password, sync) you also need
    to configure for which users such policy is going to be applied:
    if created as GLOBAL policy it will be applied to all users,
    otherwise you will need to associate it to a role or a resource in
    order to make it effective (for users owning that role or assigned
    to that resource, clearly).

    Additional information: when not specified, the pattern for user
    names is "[a-zA-Z0-9-_@. ]+".

    Could you please provide more details of what you are doing?

    Regards.

    [1]
    
https://cwiki.apache.org/confluence/display/SYNCOPE/Policies#Policies-AccountPolicies


[2] 
https://git-wip-us.apache.org/repos/asf?p=syncope.git;a=blob;f=core/src/test/java/org/apache/syncope/core/policy/AccountPolicyEnforcerTest.java;h=97b9d99a0ce1754d19ce49704ba8c6613326d1c0;hb=1_2_X#l87


--
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC
http://people.apache.org/~ilgrosso/























					Reply via email to