[jboss-jira] [JBoss JIRA] (AS7-4014) Somehow a new line character is regularly being appended to base64 encoded passwords - trim whitespace from decoded value.

Darran Lofthouse (JIRA) jira-events at lists.jboss.org
Fri Mar 2 09:45:36 EST 2012 

     [ https://issues.jboss.org/browse/AS7-4014?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse updated AS7-4014:
----------------------------------

        Summary: Somehow a new line character is regularly being appended to base64 encoded passwords - trim whitespace from decoded value.  (was: Somehow a new line character is regularly being appended to base64 encoded passwords - log a WARN if a new line is detected.)
    Description: 
Somehow a new line character is regularly being appended to base64 encoded passwords - trim whitespace from decoded value.

A recent example is 'slavepassword' was encoded as 'c2xhdmVwYXNzd29yZAo=' when actually it should be 'c2xhdmVwYXNzd29yZA=='

(A WARN should also be logged if something has been trimmed)

  was:
Somehow a new line character is regularly being appended to base64 encoded passwords - log a WARN if a new line is detected.

A recent example is 'slavepassword' was encoded as 'c2xhdmVwYXNzd29yZAo=' when actually it should be 'c2xhdmVwYXNzd29yZA=='



Probably just easier to trim it - but do log a WARN so end user knows it was trimmed.
                
> Somehow a new line character is regularly being appended to base64 encoded passwords - trim whitespace from decoded value.
> --------------------------------------------------------------------------------------------------------------------------
>
>                 Key: AS7-4014
>                 URL: https://issues.jboss.org/browse/AS7-4014
>             Project: Application Server 7
>          Issue Type: Task
>          Components: Domain Management, Security
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>            Priority: Critical
>             Fix For: 7.1.1.Final
>
>
> Somehow a new line character is regularly being appended to base64 encoded passwords - trim whitespace from decoded value.
> A recent example is 'slavepassword' was encoded as 'c2xhdmVwYXNzd29yZAo=' when actually it should be 'c2xhdmVwYXNzd29yZA=='
> (A WARN should also be logged if something has been trimmed)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list