You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/09/29 08:12:00 UTC
[jira] [Work logged] (KNOX-2810) Login on Knox UI doesn't work when the password contains special characters
[ https://issues.apache.org/jira/browse/KNOX-2810?focusedWorklogId=813261&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-813261 ]
ASF GitHub Bot logged work on KNOX-2810:
----------------------------------------
Author: ASF GitHub Bot
Created on: 29/Sep/22 08:11
Start Date: 29/Sep/22 08:11
Worklog Time Spent: 10m
Work Description: zeroflag opened a new pull request, #640:
URL: https://github.com/apache/knox/pull/640
## What changes were proposed in this pull request?
The `btoa` (third party) javascript functions can't base64 encode some of the special characters such as the letter `ë`.
We use this function to create the basic authorization header. If user's password contains an unsupported character the login will fail.
## How was this patch tested?
I tested the new funciton manully:
```
unicodeBase64Encode('árvíztűrő tükörfúrógép ë !#$%^&*()_!#@V')
'w6FydsOtenTFsXLFkSB0w7xrw7ZyZsO6csOzZ8OpcCDDqyAhIyQlXiYqKClfISNAVg=='
unicodeBase64Encode('阪熊奈岡鹿梨阜埼茨栃')
'6Ziq54aK5aWI5bKh6bm/5qKo6Zic5Z+86Iyo5qCD'
阪熊奈岡鹿梨阜埼茨栃
```
The I decoded the result I got back the original string.
The I changed sam's password in users.ldif:
```
# entry for sample user sam
dn: uid=sam,ou=people,dc=hadoop,dc=apache,dc=org
objectclass:top
objectclass:person
objectclass:organizationalPerson
objectclass:inetOrgPerson
cn: sam
sn: sam
uid: sam
userPassword: 阪熊奈岡鹿梨阜埼茨栃 árvíztűrő tükörfúrógép ë !#$%^&*()_!#@V
```
Unfortunately the demo ldap server could not parse this password because it calls `Strings.toLowerCaseAscii(line)` on each line of the ldif file. After I temporary removed the toLowerCase I was able to start the demo ldap with this config.
I check the login on the knox ui using the knoxsso topology and I was able to successfully login.
Issue Time Tracking
-------------------
Worklog Id: (was: 813261)
Remaining Estimate: 0h
Time Spent: 10m
> Login on Knox UI doesn't work when the password contains special characters
> ---------------------------------------------------------------------------
>
> Key: KNOX-2810
> URL: https://issues.apache.org/jira/browse/KNOX-2810
> Project: Apache Knox
> Issue Type: Improvement
> Reporter: Attila Magyar
> Assignee: Attila Magyar
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> E.g.: when there is a "ë" in the password the base64 encoder silently ignores the character.
> {code}
> btoa('abcë')
> 'YWJj6w=='
> {code}
> The decoded version of 'YWJj6w==' is 'abc' without the 'ë'
--
This message was sent by Atlassian Jira
(v8.20.10#820010)