> On Oct 11, 2016, at 2:17 AM, Emmanuel Lécharny <[email protected]> wrote: > > Le 11/10/16 à 08:20, Patrick Brunmayr a écrit : >> Ah that makes sense but its strange. What about none ASCII chars ? How >> to treat UTF-8 special chars. Arent't they allowed >> >> in LDAP ? > > LDAP userPassword are OctetString, ie any byte from 0x00 to 0xFF. So to > speak, a String does not fit to store a password. Now, I do think that > we should store the password as a String representation of the password > using an hex form (ie, 2 chars per byte).
Backing up just a bit. The char array (as previously discussed) is how the password is stored in memory (inside embedded fortress processes running in jvm) and how it will be converted into xml and transmitted over the wire between the fortress-rest sever and its client. It would support any character set that is normally supported by that data types via JAXB (Java’s to and from XML parser) and I’m going to assume UTF-8 is included. The LDAP representation of that String is an entirely different matter that is related to but separated from this discussion.
