On Jan 30, 2012, at 12:53 PM, Trong Tran wrote:


On 27 January 2012 00:58, Christophe Laprun <claprun@redhat.com> wrote:
Hi all,

I'm currently working on https://issues.jboss.org/browse/GTNPORTAL-1673 and I'm quite puzzled by the different rules that are in place to validate usernames. Not only are these rules not consistent across fields which display usernames (some are validated using UsernameValidator, some are validated using ExpressionValidator) but I'm also confused about the need to validate read-only fields (which presumably will only display valid information since it doesn't come from the user, right?). What are the rules for a valid username and where are they documented? What are the restrictions and why are they in place?

Defining the rules for a valid username is a long story, they have been changed/updated many times according to users need. They are also not fixed and documented so far. Until now, we still have requests related to this like : to support case-sensitive, or possible to add username under an email address.

Anyway the rules should be consistent every places and no need to validate read-only fields, they are considered as issues

I understand that due to the long story of changes it is rather hard to come up with consistent list. However we need to decide on some plan to fix the situation and agree if it is possible and safe to do it now. 

Trong, who do you think should be involved to get more clear picture about reasons for current restrictions? If we decide that it is too risky to loosen them now thats also quite valid outcome. 

Bolek