Add a User - Documentation topics on: adding a user,ldap,user management,users,.

Add a User

As mentioned in the User Management documentation, there are two basic types of dotCMS users: backend and frontend.

As a best practice, backend users can be added to dotCMS in the following ways:

  1. Created and permissioned automatically through LDAP integration
    • This is the most efficient method of user creation and permissioning since LDAP supplies the user account information and assigns a user to the proper roles based upon the LDAP groups the user belongs to.
    • When configured properly in LDAP, first time users of dotCMS merely attempt to login using their LDAP username and password, and their account is created and assigned roles immediately.
    • For information on how to configure dotCMS to communicate with LDAP, please see the LDAP Configuration documentation.
  2. Manually added individually
    • To create individual users:
      1. Select System -> Users to open the Users screen.
      2. Click the Add User button.
      3. Enter the basic user information as illustrated in the image below:

        User Details Page

User and Password Requirements

User Name Requirements

When you create a new user account, the First Name and Last Name are checked to ensure they meet the validation requirements specified for your site.

By default, dotCMS is configured to require name fields to contain 1 or more alphanumeric characters (a-z, A-Z, or 0-9). All standard UTF-8 characters, in all languages, are allowed.

Although it can be modified via plugin, this is the default UserName.regexp.pattern validation property in the system.properties file:

UserName.regexp.pattern=^(?!.*[>|<|\\t|\\n|\\r|\\f].*)

Please see the examples below for custom variations to the user name is validation.

Important Notes:

  • It is strongly recommended that all changes to the system.properties file be made through a ROOT folder plugin.
  • Whenever a user name is displayed on a page on your site, control characters contained in the user name - such as angle brackets (< and >), will be invalidated. These characters should not be allowed.
    • The use of $ and # is allowed by default, and will not execute when calling $user.firstName or $user.lastName (for example), in a Velocity widget.
    • Characters that are not UTF-8 may cause issues with the username, and should not be allowed.

Password Requirements

When a user attempts to change their password, the new password entered by the user is checked to ensure it meets the security requirements set for your site.

By default, dotCMS is configured to require every password to contain a minimum of 6 characters.

passwords.regexptoolkit.pattern=/^\\S{6,}\\Z/

However you may change dotCMS to increase or change the password requirements for users of your site. For more information on configuring password security, please see the Password Security Configuration documentation.

Custom Validation

Example 1: Restrict the Minimum and Maximum Length

The following value of the UserName.regexp.pattern property changes the default pattern to reject user names which are shorter than 6 characters or longer than 20 characters.

UserName.regexp.pattern=^([\\w]{6,20})$
Example 2: Prevent User Names from Beginning with a Digit

The following value of the UserName.regexp.pattern property modifies the pattern from the previous example to ensure that user names may not begin with a digit (0-9). Note that because this pattern specifies the first character explicitly, the values which specify the string length are reduced by one (to 5 and 19).

UserName.regexp.pattern=^((?!\\d)[\\w]{5,19})$

Important Notes

The dotCMS distribution is configured by default with minimal security to ease installation, evaluation, and testing of the dotCMS starter site. Therefore the default values of all password validation properties are set to the minimum security levels.

It is strongly recommended that you increase the password security settings for your site before publishing it.