I have the following problem: a user can't log in to our webapp if the user's Active Directory password contains an '&'.
I've debugged this on my local machine using a port forward to the problematic LDAP server and everything works correctly.
However, if I log in with that password on the remote server, it fails.
I've posted a dump of the LDAP config below.
Also, we use simple text for the auth (!)
Any ideas will be welcome, because I'm fresh out of good ideas.
import java.util.Hashtable;
import javax.naming.Context;

// JNDI environment for a simple (plaintext) LDAP bind against Active Directory
Hashtable<String, String> environment = new Hashtable<String, String>();
environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
environment.put(Context.SECURITY_AUTHENTICATION, "simple");
environment.put(Context.SECURITY_PRINCIPAL, domainBasedUsername); // e.g. user@domain or DOMAIN\user
environment.put(Context.SECURITY_CREDENTIALS, password);          // sent as-is; nothing here escapes '&'
environment.put(Context.PROVIDER_URL, getActiveDirectoryServerUrl());
isSynchronized: TRUE
supportedLDAPVersion: 3, 2
serverName: CN=ABCDC03,CN=Servers,CN=Foo-City,CN=Sites,CN=Configuration,DC=foo,DC=com
supportedSASLMechanisms: GSSAPI, GSS-SPNEGO, EXTERNAL, DIGEST-MD5
ldapServiceName: foo.com:abcdc03$@FOO.COM
namingContexts: DC=foo,DC=com, CN=Configuration,DC=foo,DC=com, CN=Schema,CN=Configuration,DC=foo,DC=com, DC=DomainDnsZones,DC=foo,DC=com, DC=ForestDnsZones,DC=foo,DC=com
domainControllerFunctionality: 3
supportedLDAPPolicies: MaxPoolThreads, MaxDatagramRecv, MaxReceiveBuffer, InitRecvTimeout, MaxConnections, MaxConnIdleTime, MaxPageSize, MaxQueryDuration, MaxTempTableSize, MaxResultSetSize, MaxNotificationPerConn, MaxValRange
forestFunctionality: 2
configurationNamingContext: CN=Configuration,DC=foo,DC=com
rootDomainNamingContext: DC=foo,DC=com
SchemaNamingContext: CN=Schema,CN=Configuration,DC=foo,DC=com
subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=foo,DC=com
supportedControl: 1.2.840.113556.1.4.319, 1.2.840.113556.1.4.801, 1.2.840.113556.1.4.473, 1.2.840.113556.1.4.528, 1.2.840.113556.1.4.417, 1.2.840.113556.1.4.619, 1.2.840.113556.1.4.841, 1.2.840.113556.1.4.529, 1.2.840.113556.1.4.805, 1.2.840.113556.1.4.521, 1.2.840.113556.1.4.970, 1.2.840.113556.1.4.1338, 1.2.840.113556.1.4.474, 1.2.840.113556.1.4.1339, 1.2.840.113556.1.4.1340, 1.2.840.113556.1.4.1413, 2.16.840.1.113730.3.4.9, 2.16.840.1.113730.3.4.10, 1.2.840.113556.1.4.1504, 1.2.840.113556.1.4.1852, 1.2.840.113556.1.4.802, 1.2.840.113556.1.4.1907, 1.2.840.113556.1.4.1948, 1.2.840.113556.1.4.1974, 1.2.840.113556.1.4.1341, 1.2.840.113556.1.4.2026
highestCommittedUSN: 9122909
domainFunctionality: 2
dnsHostName: ABCDC03.foo.com
currentTime: 20120105081254.0Z
dsServiceName: CN=NTDS Settings,CN=ABCDC03,CN=Servers,CN=Foo-City,CN=Sites,CN=Configuration,DC=foo,DC=com
isGlobalCatalogReady: TRUE
defaultNamingContext: DC=foo,DC=com
supportedCapabilities: 1.2.840.113556.1.4.800, 1.2.840.113556.1.4.1670, 1.2.840.113556.1.4.1791, 1.2.840.113556.1.4.1935
I think the issue may be the actual passing of the password through the webapp. The password field may need to be sanitized, as it contains an ampersand, which may be a special character at some point in your code (not sure what languages your different chunks of code may or may not be written in). As an example of a similar issue I had: I wrote statements in Word to paste into Oracle, but I accidentally used TABs in Word, which broke everything in Oracle.
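As an added illustration of the answer's point (example code, not from the question or the answer), the following shows the two ways an ampersand in a password is commonly altered before it reaches the bind call: an unencoded '&' in the form body ends the field, and an HTML-escaping layer turns it into '&amp;'. The field name 'password', the username and the form bodies are constructed for the example; the helper names are my own.

```python
# Added example: how an '&' in a password can change between the login
# form and the LDAP bind, and a small helper to classify what happened.
from html import escape
from urllib.parse import parse_qs, urlencode


def password_seen_by_server(raw_form_body: str) -> str:
    """Parse an application/x-www-form-urlencoded body the way a servlet
    container does and return the 'password' field as the app will see it."""
    fields = parse_qs(raw_form_body, keep_blank_values=True)
    return fields.get("password", [""])[0]


def encode_login_form(username: str, password: str) -> str:
    """Build the body correctly: reserved bytes are percent-encoded, so an
    '&' inside the password survives as %26 instead of splitting the field."""
    return urlencode({"j_username": username, "password": password})


def classify_mangling(typed: str, received: str) -> str:
    """Compare what the user typed with what reached the bind call.
    Returns a short label; neither value is logged, only compared."""
    if received == typed:
        return "intact"
    if received == escape(typed):
        return "html-escaped"          # a template/escaping layer ran on the value
    if typed.startswith(received) and typed[len(received):].startswith("&"):
        return "truncated-at-ampersand"  # '&' was not percent-encoded in the body
    return "unknown"


if __name__ == "__main__":
    typed = "Secret&More"  # constructed sample password
    good_body = encode_login_form("FOO\\jdoe", typed)
    bad_body = "j_username=FOO%5Cjdoe&password=Secret&More"  # '&' left raw

    print(good_body)                                  # password=Secret%26More
    print(classify_mangling(typed, password_seen_by_server(good_body)))  # intact
    print(classify_mangling(typed, password_seen_by_server(bad_body)))   # truncated-at-ampersand
    print(classify_mangling(typed, escape(typed)))                       # html-escaped
```

To pin down where the change happens in a real deployment, capture the length and a hash of the credential at each hop (request parsing, any filter or template, the bind) rather than the value itself, and compare them with the same measurement taken on the working local setup.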