[ 
https://issues.apache.org/jira/browse/RANGER-3179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17283885#comment-17283885
 ] 

C.J. Collier commented on RANGER-3179:
--------------------------------------

or perhaps this?

 

 
{code:java}
diff --git 
a/agents-common/src/main/java/org/apache/ranger/plugin/util/XMLUtils.java 
b/agents-common/src/main/java/org/apache/ranger/plugin/util/XMLUtils.java
index 3b674f866..7f59b6d80 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/util/XMLUtils.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/XMLUtils.java
@@ -30,6 +30,7 @@ import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 
 import org.apache.log4j.Logger;
+import org.apache.commons.lang.StringEscapeUtils;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
@@ -89,7 +90,7 @@ public class XMLUtils {
                                                properties.remove(propertyName);
                                        }
 
-                                       properties.put(propertyName, 
propertyValue);
+                                       properties.put(propertyName, 
StringEscapeUtils.unescapeXml(propertyValue));
 
                                }
                        }

{code}
 

> ranger-ugsync-site.xml parser XMLUtils::loadConfig unable to cope with 
> special characters in passwords
> ------------------------------------------------------------------------------------------------------
>
>                 Key: RANGER-3179
>                 URL: https://issues.apache.org/jira/browse/RANGER-3179
>             Project: Ranger
>          Issue Type: Improvement
>          Components: Ranger
>    Affects Versions: 1.2.0
>            Reporter: C.J. Collier
>            Priority: Major
>
> Customer is using a password with an & character in their ldapbindpassword 
> from ranger-ugsync-site.xml
>  
> Attempts to escape with & or by wrapping the password in a 
> <![CDATA[...]]>  element failed with different errors.
>  
> Solution could be to account for CDATA wrapper in loadConfig
>  
> Log examples follow.  First with & escaped as &amp;:
>  
> 12 Feb 2021 00:03:21 ERROR LdapDeltaUserGroupBuilder [UnixUserSyncThread] - 
> LdapDeltaUserGroupBuilder.getGroups() failed with exception: 
> javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: 
> LdapErr: DSID-0C09044E, comment: AcceptSecurityContext error, data 52e, 
> v2580]; remaining name 'DC=caremarkrx,DC=net'
>  
> And another example with the raw password, unescaped:
> 12 Feb 2021 00:49:37 ERROR XMLUtils [main] - Error loading : 
> org.xml.sax.SAXParseException; lineNumber: 52; columnNumber: 21; The 
> reference to entity "I4F" must end with the ';' delimiter. at 
> [com.sun.org|http://com.sun.org/].apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:257)
>  at 
> [com.sun.org|http://com.sun.org/].apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:339)
>  at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:121) at 
> org.apache.ranger.plugin.u



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to