1270708 – [GSS](6.4.z) authentication fails with password containing umlauts

Bug 1270708 - [GSS](6.4.z) authentication fails with password containing umlauts

Summary: [GSS](6.4.z) authentication fails with password containing umlauts

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	Security
Sub Component:
Version:	6.4.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	unspecified
Target Milestone:	CR1
Target Release:	EAP 6.4.10
Assignee:	Bartek Spyrko-Smietanko
QA Contact:	Josef Cacek
Docs Contact:
URL:
Whiteboard:
Depends On:	1312064 1312069
Blocks:	eap6410-payload
TreeView+	depends on / blocked

Reported:	2015-10-12 08:34 UTC by Fedor Gavrilov
Modified:	2019-11-14 07:03 UTC (History)
CC List:	14 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	UNDERTOW-595	0	Major	Resolved	Basic authentication with credentials containing umlauts doesn't work on some browsers	2017-08-04 11:48:06 UTC

Description Fedor Gavrilov 2015-10-12 08:34:15 UTC

Description of problem:
Authentication using JBoss CLI and management web console works differently, prohibiting authentication with correct password on several occasions if password contains characters such as umlauts (ü). Also, case was reported when LDAP authentication was failing for such passwords as well.

Version-Release number of selected component (if applicable):
JBoss EAP 6.4 with patch 2 applied

Steps to Reproduce:
1. Using add-user.sh script, register a new management user with password like 'test123!ü'. Other details of user creation shouldn't matter.
2. Try connecting with this user using JBoss CLI. Try logging with this user using web management console.

Actual results:
On some systems, CLI authentication fails while web auth is working. On others, vice versa. Issue was seen on Fedora 20 and Ubuntu 14.04 with en_US & de_DE UTF-8 locales were. Similar behaviour was also reported on Windows 7 and Windows 2012 R2.

Expected results:
All authentication attempts successful, just as with passwords containing no umlauts.

Comment 10 JBoss JIRA Server 2016-01-31 21:22:29 UTC

Stuart Douglas <stuart.w.douglas> updated the status of jira UNDERTOW-595 to Resolved

Comment 14 Mike McCune 2016-03-28 22:21:53 UTC

This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions

Comment 16 Ivo Hradek 2016-08-29 11:55:50 UTC

Verified with EAP 6.4.10.CP.CR2;

Comment 17 Petr Penicka 2017-01-17 13:03:32 UTC

Retroactively bulk-closing issues from released EAP 6.4 cummulative patches.

Comment 18 Petr Penicka 2017-01-17 13:03:33 UTC

Retroactively bulk-closing issues from released EAP 6.4 cummulative patches.

Note You need to log in before you can comment on or make changes to this bug.