Login should not start with .-_@

spu · February 23, 2023, 11:26am

Hi,

after Upgrading to 9.9 from 8.9, we face the following issue when creating users that starts with _:

2023.01.13 15:18:21 ERROR web[AYVy0mE3hmbIVM1LDe8x][o.s.s.a.CredentialsExternalAuthentication] 
Error during authentication org.sonar.server.exceptions.BadRequestException: Login should not start with .-_@

This is a result of SONAR-17291 where this limitation was introduced.

Is there any reasoning for this limitation? All our technical users are prefixed with _. Already existing users with a _ prefix are still able to login. So this only applies to new users being created.

System information:

SonarQube Community Edition: 9.9.0.65466
External User Authentication: Crowd
Database: Oracle
java.runtime.name: OpenJDK Runtime Environment
java.runtime.version: 17.0.6+10-LTS
OS: SUSE Linux Enterprise Server 12 SP5 / Kernel 4.12.14-122.133-default

benjamin.campomenosi · February 27, 2023, 9:32am

Hi Dennis, thanks for the feedback.

After examining this ticket and the corresponding code, it is due to a misunderstanding of the tickets.

I created a ticket to fix it : SONAR-18573

benjamin.campomenosi · March 22, 2023, 9:25am

Hi,
the fix is done and available in version 10.0.

spu · March 24, 2023, 3:23pm

Thank you! Any chance for a LTS backport?