Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-1550

WPA5 doesn't encode white space in username for REST /users endpoint

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.0.0.3
    • Fix Version/s: 5.0.1.0, 5.5.0.0
    • Component/s: Web Agents
    • Environment:
      Apache 2.4 WINNT 64bit/WINNT
    • Target Version/s:
    • Verified Version/s:
    • Support Ticket IDs:

      Description

      5.0.0.3 Apache 2.4 WINNT 64bit/WINNT doesn't URL encode the username when it has space such as "test user1".

      2018-03-27 17:09:09.957 -0500   DEBUG [62756bb5-6e73-4847-a1c7-bf4a770655e1][source/sdk_base.c:181]http request to openam.example.com:8080
      GET /openam/json/realms/root/users/test user1?_fields=uid,mail,entryUUID,givenname,Host,UserToken,sunIdentityUserPassword HTTP/1.1^M
      Host: openam.example.com:8080^M
      Cookie: iPlanetDirectoryPro=tbhFBT...*^M
      User-Agent: OpenAM Web Agent/5.0.0.3^M
      Accept: application/json^M
      Connection: Close^M
      Content-Type: application/json; charset=UTF-8^M
      Accept-API-Version: resource=3.0, protocol=1.0^M
      X-ForgeRock-TransactionId: 62756bb5-6e73-4847-a1c7-bf4a770655e1/2^M
      ^M
      ^M
      2018-03-27 17:09:09.957 -0500   DEBUG [62756bb5-6e73-4847-a1c7-bf4a770655e1][source/sdk_base.c:220]http response 400 from openam.example.com:8080
      Transfer-Encoding: chunked
      Date: Tue, 27 Mar 2018 21:09:09 GMT
      Connection: close
      ^M
      2018-03-27 17:09:09.957 -0500   DEBUG [62756bb5-6e73-4847-a1c7-bf4a770655e1][source/request.c:1147]error fetching session data unknown system error (400)^M
      2018-03-27 17:09:09.957 -0500   DEBUG [62756bb5-6e73-4847-a1c7-bf4a770655e1][source/request.c:2028]handle_exit(): (entry status: forbidden)^M
      2018-03-27 17:09:09.957 -0500   DEBUG [62756bb5-6e73-4847-a1c7-bf4a770655e1][source/request.c:2253]handle_exit(): status: forbidden^M
      

      On tomcat access log where OpenAM server is running, this is what's printed :

      XXX.XXX.XXX.XXX - - [27/Mar/2018:17:09:09 -0400] "GET /openam/json/realms/root/users/test null" 400 -
      

        Attachments

          Activity

            People

            • Assignee:
              mareks Mareks Malnacs
              Reporter:
              sachiko Sachiko Wallace
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: