Environment
Novell Access Manager 3.1.4
Novell Access Manager 3.1.4 Linux Access Gateway
Novell Access Manager 3.1.4 Linux Access Gateway
Situation
- Users which containing one of the following characters in their password will fail on running SSO on with the protected web server: (", $, #, &)
- FormFill fails on escaping the above mentioned characters
Example:
- user password: = n"vell
- input field: <INPUT name='loginpass' id='loginpass' type='password'>
- Loginform rewritten by FormFill: <input name="loginpass" id="loginpass" type="hidden" value="n"vell">
- result: password will truncated to: "n
Resolution
This issue has been addressed to engineering and will be fixed with NAM 3.1 SP5.