Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1270708

Summary: [GSS](6.4.z) authentication fails with password containing umlauts
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Fedor Gavrilov <fgavrilo>
Component: SecurityAssignee: Bartek Spyrko-Smietanko <bspyrkos>
Status: CLOSED CURRENTRELEASE QA Contact: Josef Cacek <jcacek>
Severity: unspecified Docs Contact:
Priority: high    
Version: 6.4.2CC: anmiller, bbaranow, bdawidow, bmaxwell, bspyrkos, darran.lofthouse, dosoudil, fgavrilo, ihradek, jtruhlar, msochure, pskopek, tfonteyn, twalsh
Target Milestone: CR1Keywords: Security
Target Release: EAP 6.4.10   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1312064, 1312069    
Bug Blocks: 1339868    

Description Fedor Gavrilov 2015-10-12 08:34:15 UTC 
Description of problem:
Authentication using JBoss CLI and management web console works differently, prohibiting authentication with correct password on several occasions if password contains characters such as umlauts (ü). Also, case was reported when LDAP authentication was failing for such passwords as well.

Version-Release number of selected component (if applicable):
JBoss EAP 6.4 with patch 2 applied

Steps to Reproduce:
1. Using add-user.sh script, register a new management user with password like 'test123!ü'. Other details of user creation shouldn't matter.
2. Try connecting with this user using JBoss CLI. Try logging with this user using web management console.

Actual results:
On some systems, CLI authentication fails while web auth is working. On others, vice versa. Issue was seen on Fedora 20 and Ubuntu 14.04 with en_US & de_DE UTF-8 locales were. Similar behaviour was also reported on Windows 7 and Windows 2012 R2.

Expected results:
All authentication attempts successful, just as with passwords containing no umlauts.
Comment 10 JBoss JIRA Server 2016-01-31 21:22:29 UTC 
Stuart Douglas <stuart.w.douglas> updated the status of jira UNDERTOW-595 to Resolved
Comment 14 Mike McCune 2016-03-28 22:21:53 UTC 
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions
Comment 16 Ivo Hradek 2016-08-29 11:55:50 UTC 
Verified with EAP 6.4.10.CP.CR2;
Comment 17 Petr Penicka 2017-01-17 13:03:32 UTC 
Retroactively bulk-closing issues from released EAP 6.4 cummulative patches.
Comment 18 Petr Penicka 2017-01-17 13:03:33 UTC 
Retroactively bulk-closing issues from released EAP 6.4 cummulative patches.