Oracle Access Manager (OAM 11.1.2.3.x) Access Portal Service Extension ESSODirectSubmit Does not Work When The User Has A Double Quote In The Password (")
(Doc ID 2320451.1)
Last updated on DECEMBER 15, 2022
Applies to:
Oracle Access Manager - Version 11.1.2.3.170418 and laterOracle Access Portal - Version 11.1.2.3.0 and later
Information in this document applies to any platform.
Symptoms
OAM BP 11.1.2.3.170418
Webgate Iplanet (OTD) 11.1.2.3.0
ESSODirectSubmit does not work when the user has a double quote in his password (")
ESSODirectSubmit is an extension of OAM's Access Portal Service and it is designed to implement form fill of credentials into OAM protected web applications without the use of javascript .
This feature can be used after installing the following patches:
<Patch:24758508> for OAM
<Patch:25742669> for OTD Webgate
This feature is working just fine except when the password contains a double quote because the HTML that is returned back to perform form fill does not escape this particular character to ". The bottom line is that the code will need to make sure that passwords are HTML-safe, otherwise the browser itself could truncate it.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |