Bug 663722
Summary: | passwords do not seem to allow special characters? | ||
---|---|---|---|
Product: | [Other] RHQ Project | Reporter: | John Mazzitelli <mazz> |
Component: | Core UI | Assignee: | Charles Crouch <ccrouch> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Mike Foley <mfoley> |
Severity: | medium | Docs Contact: | |
Priority: | high | ||
Version: | 4.0.0.B02 | CC: | hbrock, sdharane |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-09-03 17:00:54 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 729848, 730796 |
Description
John Mazzitelli
2010-12-16 16:50:38 UTC
assigning to ips since he knows all about the new gwt add-user functionality [master fe95a5a] fixes this. In LoginView.login(), we needed to URL-encode the username and password in the body of the POST request sent to authenticate with portal-war. To QA this, try changing some user's password to "%%%%%%" and then trying to login as that user. (In reply to comment #2) > To QA this, try changing some user's password to "%%%%%%" and then trying to > login as that user. QA should not just test with that one special character. Test with my replication procedure to test that we support all those special characters (or more if QA wants): "Create a new user and make the password: ~!@#$%^&*()_+ (just hold the shift key and move left-to-right along the top row of a US keyboard)" Tested on the build#306(Version: 4.1.0-SNAPSHOT Build Number: c5c70b8) Created a new user with the password: ~!@#$%^&*()_+ and tried to login with the user created. It's not allowing me to login to RHQ. It shows a message "The username or password provided does not match our records." at login screen. Moving to ON_DEV. Good call, Mazz. I was using URL.encode() to encode the username and password, but should have been using URL.encodeComponent(), which also encodes URL delimiters such as '?' and '&'. [master a2489d6] should put this to bed. Bulk closing of old issues that are in VERIFIED state. |