Re: AW: Using e-mail as the username - chars according to RFC

Mon, 20 May 2019 03:22:19 -0700 

On 20/05/19 12:19, Pascal Langenstein wrote:


Hi Francesco


The requirement from Customers. They want to be able to login with the 
email address, which _in_ their cases also contains symbols like >’<.



For the REST access to something like /syncope/rest/users/username, I 
assume usernames are encoded. So it would be the following:

f...@bar.com <mailto:f...@bar.com> -> /syncope/rest/users/foo%40bar.com
fo’o...@bar.com -> /syncope/rest/users/fo%27o%40bar.com
f...@bar.com <mailto:f...@bar.com> -> /syncope/rest/users/fo%2Bo%40bar.com

Therefore it should not be an issue?

Is there may be a solution to set the email property as login name?


Yes, there is: see

http://syncope.apache.org/docs/2.1/reference-guide.html#configuration-parameters

under "authentication.attributes"

HTH
Regards.


*Von:*Francesco Chicchiriccò <ilgro...@apache.org>
*Gesendet:* Freitag, 17. Mai 2019 06:45
*An:* user@syncope.apache.org
*Betreff:* Re: Using e-mail as the username - chars according to RFC

On 16/05/19 15:22, Pascal Langenstein wrote:

    Hi

    There is an issue with E-Mail addresses as a `username`. It all
    works fine for an alpha, numeric, minus, dot and underscore in
    addresses.

    However, there are a bunch more allowed signs[1] [2]. For example,
    catchall+sync...@example.com
    <mailto:catchall+sync...@example.com>is valid.


    Does there is a specific reason for
    `org.apache.syncope.common.lib.SyncopeConstants#NAME_PATTERN`
    (syncope-common-lib.2.0.12) allowing only the defined set of
    chars[3]? Could it be expanded?

Hi,

the idea behind SyncopeConstants#NAME is to limit what can be 
potentially used in REST URLs, as for example


/syncope/rest/users/username

where "username" is the value of username for a given user.

Please also note that SyncopeConstants#NAME is not used only by Users, 
but for several other entities, as Groups, Any Objects, External 
Resources, etc. - all with the same idea about REST URLs.



There is a more comprehensive SyncopeConstants#EMAIL_PATTERN which 
should allow what needed, and that can be used for validating plain 
attributes used as e-mail addresses.



Is there any particular reason why you need that usernames should be 
e-mail addresses?

Regards.

    [1] https://tools.ietf.org/html/rfc822#section-6.1

    [2]https://stackoverflow.com/a/2049510/1221807

    [3] SyncopeConstants.java:44 *public static final *String */NAME_PATTERN /*= 
*"[**\\**p{L}**\\**p{gc=Mn}**\\**p{gc=Me}**\\**p{gc=Mc}**\\**p{Digit}**\\**p{gc=Pc} 
**\\**-@.]+"*;

--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/



--
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/























					Reply via email to