Users are unable to use OAuth /token service with < and/or > characters in password

Article ID: 92981

Products

STARTER PACK-7, CA Rapid App Security, CA API Gateway

Issue/Introduction

When the OTK /token policy is used with a password grant and validates against an Active Directory identity provider, authentication against that identity provider fails if the password contains the < and/or > characters.
Expected results: Authentication against that identity provider should succeed.

Environment

Active Directory LDAP
CA API Gateway 9.2/9.1
OTK 

Cause

The underlying issue was found to be that an external application talking to LDAP was manipulating symbols in the passwords.

Resolution

In the test lab, the gateway seemed to support passwords containing < or > characters. For example, authenticating against an LDAP - Active Directory identity provider with such a password validated successfully.

Additional Information

Steps to reproduce:
1. Set the following password on an LDAP instance: any password containing < or > characters.
2. Call the /token endpoint using a password grant with the above password, and validate against an identity provider for that LDAP instance.
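
To locate where a password is being altered on the way to LDAP, the following added example (not code from this article or from the product) form-encodes a password-grant body as described in RFC 6749 section 4.3 and classifies how a value observed downstream differs from the one that was sent. The user name, password, client credentials and the two manipulation types checked (HTML escaping and stripping) are assumptions chosen for illustration; the article does not say which manipulation the external application performed.

```python
import html
from urllib.parse import urlencode, parse_qs


def build_password_grant_body(username, password, client_id, client_secret):
    """Return an application/x-www-form-urlencoded password-grant body.

    urlencode() percent-encodes < as %3C and > as %3E, so the characters
    survive transport and decode back to the original password.
    """
    return urlencode({
        "grant_type": "password",
        "username": username,
        "password": password,
        "client_id": client_id,          # assumed placeholder value
        "client_secret": client_secret,  # assumed placeholder value
    })


def received_password(body):
    """Decode the body as a form parser would and return the password."""
    fields = parse_qs(body, keep_blank_values=True, strict_parsing=True)
    return fields["password"][0]


def diagnose(original, received):
    """Classify how the downstream value differs from the one sent."""
    if received == original:
        return "intact"
    if html.unescape(received) == original:
        return "html-escaped"            # e.g. < turned into &lt;
    if received == "".join(c for c in original if c not in "<>"):
        return "angle-brackets-stripped"
    return "altered"


if __name__ == "__main__":
    lab_password = "S3cret<lab>Pw"       # constructed lab-only password
    body = build_password_grant_body("alice", lab_password,
                                     "demo-client", "demo-secret")
    print(body)
    print(diagnose(lab_password, received_password(body)))
    # Constructed examples of values an intermediary might hand to LDAP:
    for seen in ("S3cret&lt;lab&gt;Pw", "S3cretlabPw"):
        print(seen, "->", diagnose(lab_password, seen))
```

Run the comparison only with a throwaway lab account, since it requires the clear-text password at both ends.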