Can not create user with dot in userName

Marat · October 15, 2020, 9:24am

Hello, sorry for repeating a similar question but I can’t solve my problem using tips from those topics.
So my problem is when I tried to create a user with a userName “user.one” I get an exception

org.camunda.bpm.engine.ProcessEngineException: User has an invalid id: ‘user.one’ is not a valid resource identifier.

I read in the documentation that I need to add properties for a whiteList it seems to me that I added them but it doesn’t work. Could you tell me please what I do wrong?
My project powered by Spring I use org.camunda.bpm.springboot 7.13.0
Here is my processes.xml

<process-archive name="loan-approval">
    <process-engine>default</process-engine>
    <properties>
        <property name="isDeleteUponUndeploy">false</property>
        <property name="isScanForProcessDefinitions">true</property>
        <property name="javaSerializationFormatEnabled">true</property>


        <property name="generalResourceWhitelistPattern">[a-zA-Z0-9-@.]+</property>
        <property name="userResourceWhitelistPattern">[a-zA-Z0-9-@.]+</property>
    </properties>
</process-archive>

Thanks in advance!

langfr · October 15, 2020, 4:46pm

A . in regex is a metacharacter, it is used to match any character. To match a literal dot, you need to escape it, so \.

JanAtEcotel · October 16, 2020, 6:00am

Depending on the regex-parser using a . inside squared brackets [] is allowed to identify a ..
To be fully precise the last - should also be escaped. So actually the regex should look something like [a-zA-Z0-9\-@\.]+. Alternatively hit this link: https://regex101.com/r/nFE5Lk/1/ it explains the regex. You can play around with the expression by removing the escaping \ and see what the “EXPLANATION”-Tab tells you about your expression.

Marat · October 16, 2020, 6:26am

I think that problem with the it doesn’t work.
I changed the regex to
[a-z]+
[a-z]+
And I still can create user with login USERONE so as far as I understand these properties dont work.

Marat · October 16, 2020, 6:28am

Thank you for the answer, but I suppose that my problem with the property. I came to this conclusion because I tried to change my regex many times and it didn’t cause any effect.

davidgs · October 16, 2020, 3:35pm

Hi @Marat,

For a username of USERONE you would need to use a regex of [a-zA-Z]+ in order to get upper- and lower-case letters.

[a-z]+ with a username of USERONE would not match
[A-Z]+ with a username of USERONE should match.

dg

Marat · October 23, 2020, 6:23am

Hi Davidgs! The problem is that the program doesn’t react on the regex changing. So I can use any regex and always get the same result. So when I use a regex [a-z]+ the name USERONE is forbidden, but I can create USERONE with the regex. Generally, my question is about how to turn on the property “generalResourceWhitelistPattern”.

Marat · October 27, 2020, 12:53pm

Hi Davidgs! The problem is that the program doesn’t react on the regex changing. So I can use any regex and always get the same result. So when I use a regex [a-z]+ the name USERONE is forbidden, but I can create USERONE with the regex. Generally, my question is about how to turn on the property “generalResourceWhitelistPattern”.

Georgy · October 27, 2020, 1:26pm

Hello Davidgs!
Actually I am experiencing the same problem, as Marat just mentioned. I’ve tried to change the regex in processes.xml the exact way, but it stil doesn’t work.
It would be nice if you provide some solution on this matter.

Ingo_Richtsmeier · October 27, 2020, 3:27pm

Hi @Georgy and @Marat,

the configuration depends on the distribution: Email Id as UserId not working in 7.11 Camunda

Have a look at the installation guide, each platform contains a chapter about configuration: https://docs.camunda.org/manual/7.14/installation/full/.

For Spring-Boot it’s in the User Guide: https://docs.camunda.org/manual/7.14/user-guide/spring-boot-integration/configuration/.

Hope this helps, Ingo

Marat · November 2, 2020, 1:41pm

Thank you for your answer. An implementation of authorithazionConfiguration helps me.

public class AuthorizationConfiguration extends AbstractCamundaConfiguration implements CamundaAuthorizationConfiguration {

@Override
public void preInit(final SpringProcessEngineConfiguration configuration) {
    final AuthorizationProperty authorization = camundaBpmProperties.getAuthorization();
    configuration.setAuthorizationEnabled(authorization.isEnabled());
    configuration.setAuthorizationEnabledForCustomCode(authorization.isEnabledForCustomCode());
    configuration.setAuthorizationCheckRevokes(authorization.getAuthorizationCheckRevokes());
    configuration.setGeneralResourceWhitelistPattern("[a-zA-Z0-9-@.]+");
    configuration.setUserResourceWhitelistPattern("[a-zA-Z0-9-@.]+");
    configuration.setTenantCheckEnabled(authorization.isTenantCheckEnabled());
}

}

@Configuration
public class ProjectConfiguration {

@Bean
public AuthorizationConfiguration authorizationConfiguration(){
    return new AuthorizationConfiguration();
}

}

system · January 30, 2024, 12:42pm