Bug 1445944

Summary: [downstream clone - 4.1.2] User can no longer use API having password with special character "+".
Product: Red Hat Enterprise Virtualization Manager Reporter: rhev-integ
Component: ovirt-engineAssignee: Ravi Nori <rnori>
Status: CLOSED ERRATA QA Contact: Gonza <grafuls>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 4.0.7CC: lsurette, mgoldboi, mperina, pbrilla, pstehlik, rbalakri, Rhev-m-bugs, srevivo, ykaul
Target Milestone: ovirt-4.1.2Keywords: Regression, ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1443645 Environment:
Last Closed: 2017-05-24 11:23:33 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1443645    
Bug Blocks:    

Description rhev-integ 2017-04-26 21:05:02 UTC 
+++ This bug is a downstream clone. The original bug is: +++
+++   bug 1443645 +++
======================================================================

Description of problem:
Super user having password with a special character "+" can not use API and it will fail with error:
"HTTP/1.1 401 Unauthorized"


Version-Release number of selected component (if applicable):
rhevm-4.0.7.4-0.1.el7ev.noarch

How reproducible:
Always

Steps to Reproduce:
1. Set password of admin@internal user having special character "+"/
2. Try to connect to API.
3.

Actual results:
401 Unauthorized

Expected results:
Should be able to connect to API.

Additional info:
Works fine in rhev 3.6.

(Originally by Ameya Charekar)
Comment 3 rhev-integ 2017-04-26 21:05:15 UTC 
WARN: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason:

[FOUND NON-ACKED FLAGS: {'rhevm-4.1.z': '?'}]

For more info please contact: rhv-devops

(Originally by rhev-integ)
Comment 5 Gonza 2017-05-10 08:27:59 UTC 
Verified with:
rhevm-4.1.2.1-0.1.el7.noarch

User with '+' on password is able to successfully login to the API.
Comment 7 errata-xmlrpc 2017-05-24 11:23:33 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1280