问题
This is quite the same question as WSO2 identity server email as username but we want to have both choice to provide username as email address or user's name (pseudo without @).
I understand the problem with the tenant fully qualified name using @ but can't we change the @ character for the tenant fully qualified ?
Is it possible to use both email address or user's name as username and if so can you provide the configuration, I cannot make it work following https://docs.wso2.com/display/IS520/Using+Email+Address+as+the+Username
I edited my question to test both Rajjaz Mohammed and Pradeepa Wickramasinghe answers :
I commented <Property name="UsernameJavascriptRegEx">
When I add a user without @ I get :
Caused by: org.wso2.carbon.user.core.UserStoreException: Username jacques.martin is not valid. User name must be a non null string with following format, ^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$
at org.wso2.carbon.user.core.common.AbstractUserStoreManager.addUser(AbstractUserStoreManager.java:1405)
If I remove this tag <Property name="UsernameJavaRegEx"> I get the following error :
TID: [1] [] [2016-11-22 13:16:50,409] admin@test.com@mytenant.com [1] [IS]ERROR {org.wso2.carbon.identity.mgt.util.Utils} - Unable to retrieve the claim for user : jacques.martin@mytenant.com
org.wso2.carbon.user.core.UserStoreException: UserNotFound: User jacques.martin@mytenant.comdoes not exist in: PRIMARY
at org.wso2.carbon.user.core.common.AbstractUserStoreManager.callSecure(AbstractUserStoreManager.java:168)
at org.wso2.carbon.user.core.common.AbstractUserStoreManager.getUserClaimValues(AbstractUserStoreManager.java:697)
at org.wso2.carbon.identity.mgt.util.Utils.getClaimFromUserStoreManager(Utils.java:189)
at org.wso2.carbon.identity.mgt.util.Utils.getEmailAddressForUser(Utils.java:226)
at org.wso2.carbon.identity.mgt.mail.AbstractEmailSendingModule.getNotificationAddress(AbstractEmailSendingModule.java:53)
at org.wso2.carbon.identity.mgt.RecoveryProcessor.notifyWithEmail(RecoveryProcessor.java:541)
at org.wso2.carbon.identity.mgt.services.UserInformationRecoveryService.registerUser(UserInformationRecoveryService.java:890)
Same error with Pradeepa Wickramasinghe's answer.
My java code is as follow :
userInformationRecoveryClient.registerUser(user.getUsername(), user.getPassword(), claims, "default", tenant );
In claims I have correctly set http://wwso2.org/claims/email
回答1:
Yes ,is it possible to used user name as both email or username. For that you need to follow the steps below,
- Enable the email user name by uncomment in [IS_HOME]/repository/conf/carbon.xml file as below,
<EnableEmailUserName>true</EnableEmailUserName>
- Add new property in to the [IS_HOME]/repository/conf/user-mgt.xml file as below,
<Property name="UsernameWithEmailJavaScriptRegEx">[a-zA-Z0-9@._-|//]{3,30}$</Property>
- Changed the "UsernameJavaRegEx" and "UsernameJavaScriptRegEx" in [IS_HOME]/repository/conf/user-mgt.xml file as below,
<Property name="UsernameJavaRegEx">[a-zA-Z0-9@._-|//]{3,30}$</Property>
<Property name="UsernameJavaScriptRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
You can found more details here.
回答2:
Try to use this line code
<Property name="UsernameJavaRegEx">^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$</Property>
Insted of using this line
<Property name="UsernameJavaScriptRegEx">^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$</Property>
回答3:
Because we call AD for our Identity Store, we found that in addition to setting
<EnableEmailUserName>true</EnableEmailUserName>
in carbon.xml, we also need to change UserNameSearchFilter to search both parts of AD
<Property name="UserNameSearchFilter">(& (objectClass=person)(|(userPrincipalName=?)(sAMAccountName=?)))</Property>
in user-mgt.xml
来源:https://stackoverflow.com/questions/40718328/wso2-identity-server-email-or-pseudo-as-username