My Oracle Support Banner

Why IM User (with $ or ^ special character in its password) Can Log Onto IM Console But Fails to Log Onto OOTB Infocenter With ESAPI IntrusionDetector Error? (Doc ID 1980526.1)

Last updated on MARCH 26, 2019

Applies to:

Oracle Knowledge - Version 8.4.7 and later
Information in this document applies to any platform.

Symptoms

IM user (with $ or ^ special character in its password) can log onto IM Console but fails to log onto OOTB Infocenter with ESAPI IntrusionDetector error below:

...
4100069 [TP-Processor21] WARN InfoCenter:IntrusionDetector - [SECURITY FAILURE Anonymous:null@unknown -> /InfoCenter/IntrusionDetector] Invalid input: context=PASSWORD, type(UnicodeString3)=^[\p{L}\p{P}\p{Nd} ]+$, input=mySamplePa$^word
org.owasp.esapi.errors.ValidationException: PASSWORD: Invalid input. Please conform to regex ^[\p{L}\p{P}\p{Nd} ]+$ with a maximum length of 50
at org.owasp.esapi.reference.validation.StringValidationRule.checkWhitelist(StringValidationRule.java:145)
at org.owasp.esapi.reference.validation.StringValidationRule.checkWhitelist(StringValidationRule.java:161)
...

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.