Password with £ or € characters not correctly updated User Store with Policy Server
search cancel

Password with £ or € characters not correctly updated User Store with Policy Server

book

Article ID: 226001

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Agents (SiteMinder)

Issue/Introduction

When running a Policy Server, at times the user changes its password for one with the character £ or €, then the last character of that password gets trimmed in the DataBase User Store.

To illustrate :

The user <user>@mail.example.com changes its password to

"<value£value>".

The password in the DataBase User Store gets set to

"<value£>".

The last "value" gets removed after the £ character.

When changing the user password through AdminUI, then the password gets correctly updated in the database without missing characters.

Cause

The issue only occurs in the Customized journey where the page

http://server.example.com/password/change

which put the old and new passord in one encrypted value which it posts to:

http://server.example.com/pw/PWS.fcc

and

http://server.example.com/passwordchange/PSWDChangeServlet?SMENC=UTF-8&SMTOKEN=$SM$<value>&USERNAME=<user>@mail.example.com&SMAUTHREASON=23&SMAGENTNAME=<agent>&TARGET=$SM$http%3A%2F%2Fserver.example.com%2FApp%2F

PSWDChangeServlet is a class of jpw.jar.

Java and CGI password services are deprecated since 2004 (1).

So to get continuity in the development and bug fixed, use the FCC password services (ie.: smpwservices.fcc) (2)(3).

Resolution

As PWS.fcc is deprecated, change the code in order to use smpwservices.fcc instead of PWS.fcc to solve the issue.

Out of the box smpwservices.fcc doesn't show that issue.

Additional Information

  1. Netegrity SiteMinder Web Agent v5.x QMR 7

    Release Notes

          CGI and JSP Password Services Being Deprecated (29865) 

          CGI and JSP versions of Password Services are being deprecated
          as of Web Agent 5.x QMR 7. CGI and JSP Password Services will
          continue to be shipped and supported, but these versions will be
          phased out in the future.  A new FCC Password Services application
          has been introduced at 5.x QMR 7.  For more information, see
          1.2. FCC Password Services on page 4.
          
          (c) Netegrity, Inc. All rights reserved. October 12, 2004
  2. smpwservicescgi.exe cannot be found in Web Agent

  3. Incorrect old password change redirects to login.fcc in Web Agent

Powered by Wolken Software