Bug 1070388 - register fails with password containing special characters
Summary: register fails with password containing special characters
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: subscription-manager
Version: 6.5
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Bryan Kearney
QA Contact: John Sefler
URL:
Whiteboard:
Depends On:
Blocks: rhsm-rhel66
TreeView+ depends on / blocked
 
Reported: 2014-02-26 17:14 UTC by John Eckersberg
Modified: 2014-10-14 07:46 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: subscription-manager failed to accept valid passwords containing special characters for portal accounts. Consequence: Unable to register with some accounts Fix: accept valid passwords for accounts. Result: registration no longer blocked for users with passwords using special characters
Clone Of:
Environment:
Last Closed: 2014-10-14 07:46:48 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1384 normal SHIPPED_LIVE subscription-manager bug fix and enhancement update 2014-10-14 01:27:50 UTC

Description John Eckersberg 2014-02-26 17:14:36 UTC
Description of problem:
subscription-manager fails to register when given a password containing special characters

Version-Release number of selected component (if applicable):
subscription-manager-1.9.11-1.el6.x86_64

How reproducible:
always

Steps to Reproduce:
-bash-4.1# subscription-manager register
Username: (redacted)
Password: 
Invalid username or password. To create a login, please visit https://www.redhat.com/wapps/ugc/register.html

In this case, the randomly-generated password supplied is:
:ofTe_`!(D=k

Logging in to the customer portal with the same username/password works.  Changing the password to one that does not contain special characters works.  I also tried supplying the password, quoted on the CLI, with --password=':ofTe_`!(D=k' and that fails as well.

Comment 2 Chris Snyder 2014-05-27 14:27:56 UTC
Should be in as of commit: 296d4c518402dfd9c61bc5d238bbe7592f3ff91a

Comment 3 Rehana 2014-07-08 14:37:43 UTC
Retested against stage server, created a new user "stage_test_newuser" with password !@#$(W=!%4

Observation

1;Unable to login via access.stage.redhat.com using the credentials, (Username or password was invalid )
2.Unable to register via cli 
 subscription-manager register --username=stage_test_newuser
Password: 
Invalid username or password. To create a login, please visit https://www.redhat.com/wapps/ugc/register.html

**account creation was successfully completed*****

Starting user stage_test_newuser
Registering the user stage_test_newuser
7304232
Registering the SKU RH00004 for user stage_test_newuser
5
RH00004
c51c6dadc40c2a6d
Activating the order for user stage_test_newuser
#<HTTParty::Response:0x1dcea50 parsed_response={"id"=>3293730, "renewedId"=>nil, "masterEndSystemName"=>"SUBSCRIPTION", "createdEndSystemName"=>"genie", "createdByUserName"=>"stage_test_newuser", "createdDate"=>1404828292941, "lastUpdateEndSystemName"=>"genie", "lastUpdateUserName"=>"stage_test_newuser", "lastUpdateDate"=>1404828292941, "externalCreatedDate"=>nil, "externalLastUpdateDate"=>nil, "installBaseStartDate"=>1388466000000, "installBaseEndDate"=>1420001999999, "inactiveDate"=>1406087999999, "oracleAccountNumber"=>nil, "oracleMSANumber"=>nil, "oracleIBInstanceNumber"=>nil, "webCustomerId"=>7304232, "registrationNumber"=>"c51c6dadc40c2a6d", "installationNumber"=>"c51c6dadc40c2a6d", "subscriptionNumber"=>"3294729", "quantity"=>5, "subscriptionProducts"=>[{"id"=>11592466, "masterEndSystemName"=>"SUBSCRIPTION", "createdEndSystemName"=>"genie", "createdByUserName"=>"stage_test_newuser", "createdDate"=>1404828292941, "lastUpdateEndSystemName"=>"genie", "lastUpdateUserName"=>"stage_test_newuser", "lastUpdateDate"=>1404828292941, "externalCreatedDate"=>nil, "externalLastUpdateDate"=>nil, "activeStartDate"=>nil, "activeEndDate"=>nil, "inactiveDate"=>1406087999999, "signedDate"=>nil, "terminatedDate"=>nil, "renewedDate"=>nil, "oracleContractId"=>nil, "oracleContractId11i"=>false, "oracleContractNumber"=>nil, "oracleAuthoringOrgId"=>"103", "oracleContractDescription"=>nil, "oracleContractHeaderStatus"=>nil, "oracleBillToPSNumber"=>nil, "oracleShipToPSNumber"=>nil, "parentSubscriptionProductId"=>nil, "oracleOrderNumber"=>nil, "oracleOrderLineId"=>nil, "externalOrderSystemName"=>"genie", "externalOrderNumber"=>nil, "status"=>"temporary", "oracleInventoryOrgId"=>nil, "sku"=>"RH00004", "childrenIds"=>[11592467], "serviceable"=>false}, {"id"=>11592467, "masterEndSystemName"=>"SUBSCRIPTION", "createdEndSystemName"=>"genie", "createdByUserName"=>"stage_test_newuser", "createdDate"=>1404828292941, "lastUpdateEndSystemName"=>"genie", "lastUpdateUserName"=>"stage_test_newuser", "lastUpdateDate"=>1404828292941, "externalCreatedDate"=>nil, "externalLastUpdateDate"=>nil, "activeStartDate"=>nil, "activeEndDate"=>nil, "inactiveDate"=>1406087999999, "signedDate"=>nil, "terminatedDate"=>nil, "renewedDate"=>nil, "oracleContractId"=>nil, "oracleContractId11i"=>false, "oracleContractNumber"=>nil, "oracleAuthoringOrgId"=>"103", "oracleContractDescription"=>nil, "oracleContractHeaderStatus"=>nil, "oracleBillToPSNumber"=>nil, "oracleShipToPSNumber"=>nil, "parentSubscriptionProductId"=>11592466, "oracleOrderNumber"=>nil, "oracleOrderLineId"=>nil, "externalOrderSystemName"=>"genie", "externalOrderNumber"=>nil, "status"=>"temporary", "oracleInventoryOrgId"=>nil, "sku"=>"SYSRH00004", "childrenIds"=>[11592468], "serviceable"=>false}, {"id"=>11592468, "masterEndSystemName"=>"SUBSCRIPTION", "createdEndSystemName"=>"genie", "createdByUserName"=>"stage_test_newuser", "createdDate"=>1404828292941, "lastUpdateEndSystemName"=>"genie", "lastUpdateUserName"=>"stage_test_newuser", "lastUpdateDate"=>1404828292941, "externalCreatedDate"=>nil, "externalLastUpdateDate"=>nil, "activeStartDate"=>1388466000000, "activeEndDate"=>1420001999999, "inactiveDate"=>1406087999999, "signedDate"=>nil, "terminatedDate"=>nil, "renewedDate"=>nil, "oracleContractId"=>nil, "oracleContractId11i"=>false, "oracleContractNumber"=>nil, "oracleAuthoringOrgId"=>"103", "oracleContractDescription"=>nil, "oracleContractHeaderStatus"=>nil, "oracleBillToPSNumber"=>nil, "oracleShipToPSNumber"=>nil, "parentSubscriptionProductId"=>11592467, "oracleOrderNumber"=>nil, "oracleOrderLineId"=>nil, "externalOrderSystemName"=>"genie", "externalOrderNumber"=>nil, "status"=>"temporary", "oracleInventoryOrgId"=>nil, "sku"=>"SVCRH00004", "childrenIds"=>[], "serviceable"=>true}], "customer"=>nil}, @response=#<Net::HTTPOK 200 OK readbody=true>, @headers={"server"=>["Apache-Coyote/1.1"], "content-type"=>["application/json"], "date"=>["Tue, 08 Jul 2014 14:04:53 GMT"], "connection"=>["close"]}>
Accepting terms for stage_test_newuser
USER stage_test_newuser finished
###########################################
###########################################
###########################################
###########################################

# cat ../stage_test.csv 
stage_test_newuser,!@#$(W=!%4,RH00004,5


Moving the bz back to Assigned

Comment 4 Chris Snyder 2014-07-08 18:14:06 UTC
I was not able to reproduce against stage server. I created these two accounts (without accepting any terms and conditions) through the customer portal https://access.stage.redhat.com/home

user: stage_test_1070388_a
pass: :ofTe_`!(D=k

user: stage_test_1070388_b
pass: !@#$(W=!%4

[root@dhcp129-3 Development]# subman register --serverurl=subscription.rhn.stage.redhat.com:443/subscription --username stage_test_1070388_a --password=':ofTe_`!(D=k'
You must first accept Red Hat's Terms and conditions. Please visit https://www.redhat.com/wapps/ugc

[root@dhcp129-3 Development]# subman register --serverurl=subscription.rhn.stage.redhat.com:443/subscription --username stage_test_1070388_b --password='!@#$(W=!%4'
You must first accept Red Hat's Terms and conditions. Please visit https://www.redhat.com/wapps/ugc

both pass

Comment 5 Rehana 2014-07-09 13:55:26 UTC
Retested on 

subscription-manager  version
server type: This system is currently not registered.
subscription management server: 0.9.20.1-1
subscription management rules: 5.9
subscription-manager: 1.12.7-1.el6
python-rhsm: 1.12.4-1.el6


Observed that now the register and login is successfully completed with passwords having special characters (via portal and subscription-manager cli) 

#  subscription-manager register --username=stage_test_re1070388 --password='!@#$(W=!%4'
You must first accept Red Hat's Terms and conditions. Please visit https://www.redhat.com/wapps/ugc

Moving the bug to "Verified"

Comment 7 errata-xmlrpc 2014-10-14 07:46:48 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1384.html


Note You need to log in before you can comment on or make changes to this bug.