Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-15846

Password that contain special characters do not work for internal users

    XMLWordPrintable

    Details

    • Verified Version/s:
    • Support Ticket IDs:

      Description

      Using punctuations in passwords for the 'openidm-admin' user doesn't work for some combination of punctuations and works for others. 

      Followed the documentation for changing administrator password:

      https://backstage.forgerock.com/docs/idm/7/security-guide/authenticating-users.html#change-default-admin-pwd

      (update either boot.json or setting the password value directly on authentication.json file)

       

      The following was observed on idm 7.0.1 and using punctuations in passwords for internal user 

      A password with only the caret punctuation: ^
      This works, for example, a password such as

      ^1X2Dy2^vUH8EQ2IN9ztNFVEAc51evdOaz^^ 
      

       

      A password with another punctuation alongside the caret punctuation does not work:

      ^1X2Dy2^vUH8EQ2@IN9ztNFVEAc51evdOaz^^

      A password with multiple punctuations without the caret punctuation works:

      d2FTXI@&kJnHaIkGd&7p9TvT3y1oYHB​

       

      There seems to be an issue with the caret punctuation being used with other punctuations that does not work for some reason, maybe the encryption of the password.

       

      The error is a generic "Login/password combination is invalid"

       

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              victor.ortega Victor Ortega
              Reporter:
              jason.yuen Jason Yuen
              QA Assignee:
              Son Nguyen Son Nguyen
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: