How to disable disableCheckUsername in Portal

Document ID:  TEC1592122
Last Modified Date:  06/19/2017
{{active ? 'Hide' : 'Show'}} Technical Document Details


  • CA API Developer Portal


  • CA API Developer Portal:Release:3.5



Any person who got access to portal URL can collect data regarding portal users. 

Without any credentials, an attaker can use /register/check/username API, that returns 

"The name seenu is already in use, please choose something else" 

in case when use is already exists. 


Use the GUI to edit the file. 

1. In a browser use http://<portal>/admin (login using admin account) 

2. click on workspace --> Content items --> System --> conf 

3. Choose the edit button next to properties.xml 

4. Change <Property name="disableCheckUsername" value="no" /> 


<Property name="disableCheckUsername" value="yes" /> 

5. Choose Save 

6. To publish this file, click on the green arrow next to properties.xml 

7. restart portal (service apiportal restart) 

Now check http://<portal>/register/check/username?username=admin 

This will throw a page cannot be displayed error.

Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255


Not what you were looking for?

Search Again >

Product Information

Support by Product >


Join a Community >

Chat with CA

Just give us some brief information and we'll connect you to the right CA ExpertCA sales representative.

Our hours of availability are 8AM - 5PM CST.

All Fields Required


We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{}} will be helping you today.

    View Profile

  • Transfered to {{}}

    {{}} joined the conversation

    {{}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1]}} has ended.
    Thank you for your interest in CA.

    Rate Your Chat Experience.


agent is typing