UCMDB and UD Practitioners Forum (Previously CMS)
cancel

UCMDB Login Issue for Few Special Characters

Highlighted
Ashokkumar_2
Regular Collector

UCMDB Login Issue for Few Special Characters

Hi, 

 

We have UCMDB 10.20 Installed on Windows. we have integrated with LDAP and it is working fine. But for few Users, whose Login password contains Special Characters like "!#" etc., they are not able to login UCMDB Console. When we checked the error file. it says the Message. 

 

"WARN [qtp89109490-747] (Log4JLogger.java:449) - [SECURITY FAILURE Anonymous:null@unknown -> /ExampleApplication/IntrusionDetector] Invalid input: context=password, type(SafeString)=^[\p{L}\p{Digit},\\:/. _?&%=+-\[\]\(\)\|\"]*$, input=******** org.owasp.esapi.errors.ValidationException: password: Invalid input. Please conform to regex ^[\p{L}\p{Digit},\\:/. _?&%=+-\[\]\(\)\|\"]*$ with a maximum length of 1024" Is it something a Known Issue in UCMDB, which can be fixed? 

 

Regards Ashok

2 REPLIES
RazvanBolocan
HPE Expert

Re: UCMDB Login Issue for Few Special Characters

Mohamed_Zahran
Regular Collector

Re: UCMDB Login Issue for Few Special Characters

Hi,

 

This may be a bit late.

 

I had the same problem, and managed to fix it. So I am posting this just in case someone else encounters the same issue.

 

Basically, UCMDB does some validation on the user inputs (including password). So you'll need to edit "<UCMDB install dir>\deploy\ucmdb-ui\WEB-INF\conf\ESAPI_validation.properties" file, and edit the below line to add special characters used in the password as required:

 

Validator.SafeString=^[\\p{L}\\p{Digit},\\\\:/. _?&%!@#=+-\\[\\]\\(\\)\\|\\"]*$

 

Regards,

Mohamed

//Add this to "OnDomLoad" event