Issues with account name validation

  • By default, Sitecore allows only usernames matching the following regular expression: "^\w[\w\s]*$". This means that the username must start with an alphanumerical character followed by any number of symbols that must be alphanumeric characters or whitespaces.

    If Sitecore uses external security providers (like AD or CRM providers) that already contain names that do not pass the built-in account name validation, Sitecore may throw errors like the following one when performing security-related operations:

    System.Web.HttpRequestValidationException. Message: User name "ad\name.surname" is not valid.
    1. Add the following setting to the <settings> section in the Web.config file:
            <!--  ACCOUNT NAME VALIDATION
                  Regular expression for validating account name
            -->
            <setting name="AccountNameValidation" value="^\w[\w\s]*$"/>
    2. Replace the initial regular expression in the "value" attribute with the required expression. For example, to allow using email addresses as usernames, the regular expression must be as follows: "^\w[\w\s\.\@]*$".

    For more information about regular expressions in .NET, please refer to the following article:
    http://msdn.microsoft.com/en-us/library/hs600312(v=vs.80).aspx

Applies to:

CMS 6+

March 12, 2014
March 17, 2014

Reference number:

338873

Keywords: 

  • CMS