3.7.44. UsernameCharset Previous topic Parent topic Child topic Next topic

This optional parameter checks that every user name consists only of the characters in the specified character set. This can be useful to reject requests that have user names that cannot be valid. The value of the parameter is a Perl character set specification. See your Perl reference manual for details about how to construct Perl character set specifications. Note that the some special characters must be escaped with a backslash. This parameter is not set by default and no character set check is done.
UsernameCharset is available as a global and Handler level parameter. The character set checks are done for both User-Name attribute and EAP identity.
When a request is processed by a Handler, User-Name attribute must pass both global and per Handler UsernameCharset checks. When an EAP-Response/Identity message is handled by an AuthBy, the EAP identity must pass both global and per Handler UsernameCharset checks. The Handler is the last Handler that processed the request before it was passed to the AuthBy.
This example permits only alphanumeric, period, underscore, the @-sign, and dash. Note that a dash at the end of character class needs not to be escaped with a backslash:
UsernameCharset a-zA-Z0-9._@-