How to disable disableCheckUsername in Portal

Document ID:  TEC1592122
Last Modified Date:  06/19/2017
{{active ? 'Hide' : 'Show'}} Technical Document Details

Products

  • CA API Developer Portal

Releases

  • CA API Developer Portal:Release:3.5

Components

  • API PORTAL:APIPRD
Introduction:

Any person who got access to portal URL can collect data regarding portal users. 

Without any credentials, an attaker can use /register/check/username API, that returns 

"The name seenu is already in use, please choose something else" 

in case when use is already exists. 

Instructions:

Use the GUI to edit the file. 

1. In a browser use http://<portal>/admin (login using admin account) 

2. click on workspace --> Content items --> System --> conf 

3. Choose the edit button next to properties.xml 

4. Change <Property name="disableCheckUsername" value="no" /> 

To 

<Property name="disableCheckUsername" value="yes" /> 

5. Choose Save 

6. To publish this file, click on the green arrow next to properties.xml 

7. restart portal (service apiportal restart) 

Now check http://<portal>/register/check/username?username=admin 

This will throw a page cannot be displayed error.

Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255

{{status}}

Not what you were looking for?

Search Again >

Product Information

Support by Product >

Communities

Join a Community >

Chat with CA

Just give us some brief information and we'll connect you to the right CA ExpertCA sales representative.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing