[ZendTo] Limit authentication by user-name
John Thurston
john.thurston at alaska.gov
Wed Jun 15 21:08:42 BST 2022
We expect internal users to authenticate to ZendTo to perform their
transfers. There is a subset of accounts we think should _not_ be
allowed to authenticate. These accounts are recognizable because their
usernames end with magic strings:
-foo
-bar
I see 'usernameRegexp' in the config file:
// Regular expression defining a valid username for the Login page.
// Usually no need to change this.
'usernameRegexp' => '/^([a-zA-Z0-9][a-zA-Z0-9\_\.\-\@\\\]*)$/i',
Is this where I might try to hack together a regexp which would fail to
match those magic strings?
Is there a different regexp (which I have not yet found) which defines
an exclusion list of usernames?
--
--
Do things because you should, not just because you can.
John Thurston 907-465-8591
John.Thurston at alaska.gov
Department of Administration
State of Alaska
More information about the ZendTo
mailing list