Special character "%" at the beginning of the password\username\domain results in authentication failure with SEPM REST API
search cancel

Special character "%" at the beginning of the password\username\domain results in authentication failure with SEPM REST API

book

Article ID: 275153

calendar_today

Updated On:

Products

Endpoint Protection Endpoint Protection

Issue/Introduction

When using an account to connect to SEPM REST API which password or username or domain begins with the special character "%", the account cannot be authenticated

Cause

This is by design. json and URL decoder are not able to decode it as % is special character. 
To use the special character, it must be URL encoded which means % will be %25.

Resolution

encode/change % to %25 or do not use the “%” character at the beginning of username – password and domain

Additional Information

Example of error message for this issue:

 

2023-09-24 22:43:42,504 [https-openssl-nio2-0.0.0.0-8446-exec-7] ERROR c.s.s.s.c.e.h.GlobalControllerExceptionHandler - EXCEPTION: URLDecoder: Illegal hex characters in escape (%) pattern - Error at index 0 in: "P#" 
java.lang.IllegalArgumentException: URLDecoder: Illegal hex characters in escape (%) pattern - Error at index 0 in: "P#"
at java.base/java.net.URLDecoder.decode(URLDecoder.java:232)
at com.symantec.sepm.server.api.identity.IdentityControllerHelper.validateAndNormalizeUserCredentialsAndDomain(IdentityControllerHelper.java:318)
at com.symantec.sepm.server.api.identity.IdentityController.authenticateUser(IdentityController.java:129)
 
IdentityControllerHelper.java:
    String password = userCredential.getPassword().trim();
    if (StringUtils.isEmpty(password))

{       throw new InvalidArgumentException(rb.getMessage(ErrorMessage.ERROR_INVALID_LOGIN));     }

    password = StringUtils.isBlank(password) ? password : URLDecoder.decode(password,  
        StandardCharsets.UTF_8);