000036206 - Oracle Access Fulfillment Express (AFX) connector errors out when the password contains special characters like $ in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on May 1, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000036206
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.0.0, 7.0.1, 7.0.2
The  Oracle AFX connector errors out when a dollar sign ($) is used in the password while running the capabilities having the password attribute.


Steps to reproduce

  1. Create an Oracle AFX connector.
  2. Test the connector capabilities of create an account or reset account password.
    1. Start with the user name Test and a password where the dollar sign is the last character (password$).  The following error will display:

java.lang.StringIndexOutOfBoundsException: String index out of range.

User-added image

b.  When the dollar sign is used as the first character of a password or in the middle of a password ($password or pas$word) the following error displays:

java.lang.IllegalArgumentException: Illegal group reference.


User-added image
CauseString methods like replaceAll and replaceFirst use patterns and regex.  Here, the dollar sign character is a metacharacter and has special meaning in regular expressions (it means the end of input). So this needs to be escaped to keep it as a literal character in the input string. Since this was not done, the replaceFirst() function failed and threw the exception.
ResolutionThis issue is fixed in 7.0.2 P06. Deploy the patch to have the issue fixed.
WorkaroundAn immediate workaround will be to escape the special characters of regex in passwords.