[
https://issues.apache.org/jira/browse/AXIS2-6057?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robert Lazarski resolved AXIS2-6057.
------------------------------------
Resolution: Fixed
> Special characters are not allowed in password after upgrade( from 1.7.9 to
> 1.8.2)
> ----------------------------------------------------------------------------------
>
> Key: AXIS2-6057
> URL: https://issues.apache.org/jira/browse/AXIS2-6057
> Project: Axis2
> Issue Type: Bug
> Components: admin console
> Affects Versions: 1.8.2
> Reporter: krishna kadire
> Assignee: Robert Lazarski
> Priority: Blocker
> Fix For: 2.0.0
>
>
> We Migrated Axis2 from 1.7.9 to 1.8.2, now we are not able to use special
> characters in "Password" parameter in axis2.xml. When we give special
> characters in "Password" parameter we are getting "Invalid auth credentials!"
> error. (it was not the case earlier in 1.7.9).
>
> It's a blocker for us, as we use auto generated passwords, which we do not
> have control.
>
> I see this is because of below code in AdminActions
>
> if (password != null &&
> !password.matches(HTTP_PARAM_VALUE_REGEX_WHITELIST_CHARS))
> { log.error("login() received invalid 'password' param,
> redirecting to: " + WELCOME); return new
> Redirect(WELCOME).withParameter("failed", "true"); }
>
> The following is the result when the username & password are set to :
> |*Username*|*Password*|*Login status*|
> |Admin|axis2|able to login|
> |harsha|harsha|able to login|
> |1harsha|harsha|able to login|
> |1harsha|harsha!|Login fails|
>
> so because of
> private static final String HTTP_PARAM_VALUE_REGEX_WHITELIST_CHARS =
> "^[a-zA-Z0-9.\\-\\/+=@,:\\\\ ]*$";
> now it is not allowing all special characters.
>
> Is there any workaround for it?
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
