[ZendTo] Limit authentication by user-name
Greg Clarke
greg.clarke at waikato.ac.nz
Thu Jun 16 02:52:23 BST 2022
Hi there
This will handle full addressing as will as domain origin.
(?!.*-(foo|bar|baz)(\@|$))
All the best
Greg
On Thu, 16 Jun 2022 at 11:22, John Thurston via ZendTo <zendto at zend.to>
wrote:
> Experimentation shows I can get the behavior I seek by prepending
> (?!.*-(foo|bar|baz)$)
> to the default usernameRegexp (well, prepending it to the expression,
> not the string. So stuffing it between the / and the ^)
>
> The result is a line in the log, of the form:
> Warning: illegal username "jimmy-joe-foo" attempted to login
>
> I still haven't found an exclusion regexp, so this may have to do.
>
>
>
> --
> Do things because you should, not just because you can.
>
> John Thurston 907-465-8591
> John.Thurston at alaska.gov
> Department of Administration
> State of Alaska
>
> On 6/15/2022 12:08 PM, John Thurston via ZendTo wrote:
> > We expect internal users to authenticate to ZendTo to perform their
> > transfers. There is a subset of accounts we think should _not_ be
> > allowed to authenticate. These accounts are recognizable because their
> > usernames end with magic strings:
> > -foo
> > -bar
> >
> > I see 'usernameRegexp' in the config file:
> > // Regular expression defining a valid username for the Login page.
> > // Usually no need to change this.
> > 'usernameRegexp' => '/^([a-zA-Z0-9][a-zA-Z0-9\_\.\-\@\\\]*)$/i',
> >
> > Is this where I might try to hack together a regexp which would fail to
> > match those magic strings?
> >
> > Is there a different regexp (which I have not yet found) which defines
> > an exclusion list of usernames?
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://jul.es/mailman/listinfo/zendto
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20220616/4bc6b431/attachment.html>
More information about the ZendTo
mailing list