Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-4818

Cannot update Protected Attributes in a User's Profile if password contains UTF-8 characters

    Details

    • Sprint:
      Sprint 69 - Team Newton, Sprint 70 - Team Newton, Sprint 71 - Team Newton

      Description

      When updating a user profile including protected attributes, it is necessary to provide a password as a header attribute as a currentpassword header. HTTP Headers only support ISO-8859-1, meaning that if the password is "パスワード" it will fail.

      At the moment XUI fails to send the request as it is unable to up the password in, instead showing the error message "Unknown error. Please contact your Administrator".

      Even if the requeset is sent the header with UTF-8 characters, for example

      curl \
      --data '{"givenName":"name","sn":"demo","mail":"demo@example.com","telephoneNumber":"555"}' \
      --header "iPlanetDirectoryPro: AQIC5...Az*" \
      --header "currentpassword: パスワードパスワード" \
      --request PUT \
      --header "Content-Type: application/json" \
      http://openam.example.com:8080/openam/json/users/demo
      

      the request fails with the debug message

      ERROR: Unauthorized user.

      in the OpenAM CoreSystem debug logs.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                neil.madden Neil Madden
                Reporter:
                samdrew Sam Drew
                QA Assignee:
                Sam Drew
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: