Bug 1270708 - [GSS](6.4.z) authentication fails with password containing umlauts
Summary: [GSS](6.4.z) authentication fails with password containing umlauts
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.4.2
Hardware: Unspecified
OS: Unspecified
high
unspecified
Target Milestone: CR1
: EAP 6.4.10
Assignee: Bartek Spyrko-Smietanko
QA Contact: Josef Cacek
URL:
Whiteboard:
Depends On: 1312064 1312069
Blocks: eap6410-payload
TreeView+ depends on / blocked
 
Reported: 2015-10-12 08:34 UTC by Fedor Gavrilov
Modified: 2019-11-14 07:03 UTC (History)
14 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker UNDERTOW-595 0 Major Resolved Basic authentication with credentials containing umlauts doesn't work on some browsers 2017-08-04 11:48:06 UTC

Description Fedor Gavrilov 2015-10-12 08:34:15 UTC
Description of problem:
Authentication using JBoss CLI and management web console works differently, prohibiting authentication with correct password on several occasions if password contains characters such as umlauts (ü). Also, case was reported when LDAP authentication was failing for such passwords as well.

Version-Release number of selected component (if applicable):
JBoss EAP 6.4 with patch 2 applied

Steps to Reproduce:
1. Using add-user.sh script, register a new management user with password like 'test123!ü'. Other details of user creation shouldn't matter.
2. Try connecting with this user using JBoss CLI. Try logging with this user using web management console.

Actual results:
On some systems, CLI authentication fails while web auth is working. On others, vice versa. Issue was seen on Fedora 20 and Ubuntu 14.04 with en_US & de_DE UTF-8 locales were. Similar behaviour was also reported on Windows 7 and Windows 2012 R2.

Expected results:
All authentication attempts successful, just as with passwords containing no umlauts.

Comment 10 JBoss JIRA Server 2016-01-31 21:22:29 UTC
Stuart Douglas <stuart.w.douglas@gmail.com> updated the status of jira UNDERTOW-595 to Resolved

Comment 14 Mike McCune 2016-03-28 22:21:53 UTC
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions

Comment 16 Ivo Hradek 2016-08-29 11:55:50 UTC
Verified with EAP 6.4.10.CP.CR2;

Comment 17 Petr Penicka 2017-01-17 13:03:32 UTC
Retroactively bulk-closing issues from released EAP 6.4 cummulative patches.

Comment 18 Petr Penicka 2017-01-17 13:03:33 UTC
Retroactively bulk-closing issues from released EAP 6.4 cummulative patches.


Note You need to log in before you can comment on or make changes to this bug.