On 20/05/19 12:19, Pascal Langenstein wrote:
Hi Francesco
The requirement from Customers. They want to be able to login with the
email address, which _in_ their cases also contains symbols like >’<.
For the REST access to something like /syncope/rest/users/username, I
assume usernames are encoded. So it would be the following:
f...@bar.com <mailto:f...@bar.com> -> /syncope/rest/users/foo%40bar.com
fo’o...@bar.com -> /syncope/rest/users/fo%27o%40bar.com
f...@bar.com <mailto:f...@bar.com> -> /syncope/rest/users/fo%2Bo%40bar.com
Therefore it should not be an issue?
Is there may be a solution to set the email property as login name?
Yes, there is: see
http://syncope.apache.org/docs/2.1/reference-guide.html#configuration-parameters
under "authentication.attributes"
HTH
Regards.
*Von:*Francesco Chicchiriccò <ilgro...@apache.org>
*Gesendet:* Freitag, 17. Mai 2019 06:45
*An:* user@syncope.apache.org
*Betreff:* Re: Using e-mail as the username - chars according to RFC
On 16/05/19 15:22, Pascal Langenstein wrote:
Hi
There is an issue with E-Mail addresses as a `username`. It all
works fine for an alpha, numeric, minus, dot and underscore in
addresses.
However, there are a bunch more allowed signs[1] [2]. For example,
catchall+sync...@example.com
<mailto:catchall+sync...@example.com>is valid.
Does there is a specific reason for
`org.apache.syncope.common.lib.SyncopeConstants#NAME_PATTERN`
(syncope-common-lib.2.0.12) allowing only the defined set of
chars[3]? Could it be expanded?
Hi,
the idea behind SyncopeConstants#NAME is to limit what can be
potentially used in REST URLs, as for example
/syncope/rest/users/username
where "username" is the value of username for a given user.
Please also note that SyncopeConstants#NAME is not used only by Users,
but for several other entities, as Groups, Any Objects, External
Resources, etc. - all with the same idea about REST URLs.
There is a more comprehensive SyncopeConstants#EMAIL_PATTERN which
should allow what needed, and that can be used for validating plain
attributes used as e-mail addresses.
Is there any particular reason why you need that usernames should be
e-mail addresses?
Regards.
[1] https://tools.ietf.org/html/rfc822#section-6.1
[2]https://stackoverflow.com/a/2049510/1221807
[3] SyncopeConstants.java:44 *public static final *String */NAME_PATTERN /*=
*"[**\\**p{L}**\\**p{gc=Mn}**\\**p{gc=Me}**\\**p{gc=Mc}**\\**p{Digit}**\\**p{gc=Pc}
**\\**-@.]+"*;
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/