My Oracle Support Banner

SQLAuthenticator Converts Asterisk symbol(*) to Percent(%) in Plaintext Passwords (Doc ID 880927.1)

Last updated on JANUARY 23, 2025

Applies to:

Oracle WebLogic Server - Version 8.1 to 10.3
Oracle WebLogic Portal - Version 8.1 to 10.0.1
Information in this document applies to any platform.

Symptoms

In WebLogic Server admin console when the SQLAuthenticator is configured to support plaintext passwords (i.e. no password algorithm), then creating a user or changing the user password or trying to login with a password which contains the asterisk symbol(*), the SQLAuthenticator substitutes this character with a percent symbol(%).

An easy way to verify the problem is as below:

1.   Create a WLP 10.2 domain.
2.   Start the server.
3.   Open the WebLogic Server Administration Console.
4.   Navigate to Security Realms -> myrealm -> Providers -> SQLAuthenticator -> Provider Specific.
5.   From the Change Center click on 'Lock & Edit' .
6.   Check the checkbox next to 'Plaintext Passwords Enabled'.
7.   Uncheck the checkbox next to 'Password Style Retained'.
8.   Erase the algorithm from 'Password Algorithm' textbox.
9.   Set the 'Passsword Style' to 'PLAINTEXT'.
10. Save the settings and Activate from the Change Center.
11. Navigate to Security Realms -> myrealm -> Users and Groups.
12. Click on the 'New' button in order to create a new user.
13. Insert Name '<USER1>' and Password '<PASSWORD1*>' .
14. From the command line execute %<DOMAIN_HOME>%\bin\startPointBaseConsole.cmd
15. In the 'Connect To Database' dialog verify that the settings are
      Driver: com.pointbase.jdbc.jdbcUniversalDriver
      URL: jdbc:pointbase:server://localhost:9093/weblogic_eval
      User: weblogic
      Password: weblogic
16. Click on the OK button in order to connect
17. Navigate to SCHEMAS -> WEBLOGIC -> TABLES -> USERS
18. Right click on the USERS table and click 'SELECT * FROM "WEBLOGIC"."USERS"' in order to browse the data stored in the USERS table
19. It can be seen that the '<USER1>' that has been created in step 13.
20. Verify that the password has value '<PASSWORD1%>' instead of '<PASSWORD1*>'.
21. So, it is clear that the asterisk symbol'*' is substituted by an percent symbol'%'.

 

NOTE:

In the example above the related information represent a fictitious sample for clarity. Any similarity to actual environments, past or present, is purely coincidental and not intended in any manner.

The username and passwords used in the example above are default mentioned in documentation https://docs.oracle.com/cd/E15919_01/wlp.1032/e14233/pointbase.htm Section>> Administering the WebLogic Portal PointBase Database

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.