Posted to dev@knox.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/09/29 08:12:00 UTC

[jira] [Work logged] (KNOX-2810) Login on Knox UI doesn't work when the password contains special characters

     [ https://issues.apache.org/jira/browse/KNOX-2810?focusedWorklogId=813261&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-813261 ]

ASF GitHub Bot logged work on KNOX-2810:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 29/Sep/22 08:11
            Start Date: 29/Sep/22 08:11
    Worklog Time Spent: 10m 
      Work Description: zeroflag opened a new pull request, #640:
URL: https://github.com/apache/knox/pull/640

   ## What changes were proposed in this pull request?
   
   The `btoa` (third-party) JavaScript function can't base64-encode some special characters, such as the letter `ë`.
   We use this function to create the basic authorization header. If a user's password contains an unsupported character, the login will fail.
   
   
   ## How was this patch tested?
   
   I tested the new function manually:
   
   ```
   unicodeBase64Encode('árvíztűrő tükörfúrógép ë !#$%^&*()_!#@V')
   'w6FydsOtenTFsXLFkSB0w7xrw7ZyZsO6csOzZ8OpcCDDqyAhIyQlXiYqKClfISNAVg=='
   
   unicodeBase64Encode('阪熊奈岡鹿梨阜埼茨栃')
   '6Ziq54aK5aWI5bKh6bm/5qKo6Zic5Z+86Iyo5qCD'
   阪熊奈岡鹿梨阜埼茨栃
   ```
   Then I decoded the result and got back the original string.
   
   Then I changed sam's password in users.ldif:
   
   ```
   # entry for sample user sam
   dn: uid=sam,ou=people,dc=hadoop,dc=apache,dc=org
   objectclass:top
   objectclass:person
   objectclass:organizationalPerson
   objectclass:inetOrgPerson
   cn: sam
   sn: sam
   uid: sam
   userPassword: 阪熊奈岡鹿梨阜埼茨栃 árvíztűrő tükörfúrógép ë !#$%^&*()_!#@V
   ```
   
   Unfortunately the demo LDAP server could not parse this password because it calls `Strings.toLowerCaseAscii(line)` on each line of the LDIF file. After I temporarily removed the toLowerCase I was able to start the demo LDAP with this config.
   
   I checked the login on the Knox UI using the knoxsso topology and I was able to log in successfully.
   




Issue Time Tracking
-------------------

            Worklog Id:     (was: 813261)
    Remaining Estimate: 0h
            Time Spent: 10m

> Login on Knox UI doesn't work when the password contains special characters
> ---------------------------------------------------------------------------
>
>                 Key: KNOX-2810
>                 URL: https://issues.apache.org/jira/browse/KNOX-2810
>             Project: Apache Knox
>          Issue Type: Improvement
>            Reporter: Attila Magyar
>            Assignee: Attila Magyar
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> E.g.: when there is a "ë" in the password the base64 encoder silently ignores the character.
> {code}
> btoa('abcë')
> 'YWJj6w=='
> {code}
> The decoded version of 'YWJj6w==' is 'abc' without the 'ë'



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
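
The encoding difference discussed in this message, as an added example that is not code from the Knox pull request: it base64-encodes the UTF-8 bytes of the credentials for a Basic authorization header and checks whether a received value decodes as valid UTF-8. All function names are hypothetical, and the `Buffer` fallback is an assumption so the block also runs where `btoa`/`atob` are missing.

```javascript
// Added illustration, not the Knox implementation; all names are hypothetical.

// Base64 of a "binary string" (one char per byte), with a Buffer fallback.
function binToBase64(bin) {
  return typeof btoa === 'function'
    ? btoa(bin)
    : Buffer.from(bin, 'latin1').toString('base64');
}

function base64ToBin(b64) {
  return typeof atob === 'function'
    ? atob(b64)
    : Buffer.from(b64, 'base64').toString('latin1');
}

// Encode the UTF-8 bytes of the text instead of its UTF-16 code units,
// so every Unicode character survives the trip.
function utf8Base64Encode(text) {
  const bytes = new TextEncoder().encode(text);
  let bin = '';
  for (const b of bytes) bin += String.fromCharCode(b);
  return binToBase64(bin);
}

// Strict decode: throws if the bytes are not well-formed UTF-8.
function utf8Base64Decode(b64) {
  const bytes = Uint8Array.from(base64ToBin(b64), (c) => c.charCodeAt(0));
  return new TextDecoder('utf-8', { fatal: true }).decode(bytes);
}

// True when the base64 payload is valid UTF-8, which is what a receiver
// that decodes credentials as UTF-8 needs.
function decodesAsUtf8(b64) {
  try {
    utf8Base64Decode(b64);
    return true;
  } catch (e) {
    return false;
  }
}

function basicAuthHeader(user, password) {
  return 'Basic ' + utf8Base64Encode(user + ':' + password);
}

console.log(utf8Base64Encode('abcë'));   // UTF-8 form of the issue's sample
console.log(decodesAsUtf8('YWJj6w=='));  // the btoa output quoted in the issue
```

The value `YWJj6w==` from the issue carries the single Latin-1 byte 0xEB for `ë`, which is not a valid UTF-8 sequence, so a UTF-8 decoder on the receiving side cannot recover the character.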