Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-18425

Users and Group containing invalid characters are able to be created on REST API.

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: 6.7.0
    • Fix Version/s: 6.8.0
    • Component/s: Security
    • Labels:
      None

      Description

      Even UI is preventing the user to create User or Group, the user is able to create user or Group wiht invalid characters.
      invalid characters are :

      '/', '\\', ':', '|', '?', '*', '"', '<', '>' 

      The APIs are:

      POST http://<host>:8080/artifactory/ui/groups
      Body:
      {"name":"group1:1"}
      
      POST http://<host>:8080/artifactory/ui/users
      Body:
      {"profileUpdatable":true,"disableUIAccess":false,"internalPasswordDisabled":false,"name":"users1:1","email":"my@email.com","password":"123456","retypePassword":"123456","userGroups":[{"groupName":"readers","realm":"internal"}]}
      
      PUT http://<host>:8080/artifactory/api/security/users/users1:1
      Body:
      { "name": "users1:1", "email": "my@email.com", "admin": true, "password": "123456", "profileUpdatable": true, "internalPasswordDisabled": false, "groups": [ "readers" ], "lastLoggedInMillis": 0, "realm": "internal", "offlineMode": false, "disableUIAccess": false }
      
      PUT http://<host>:8080/artifactory/api/security/groups/group:1
      Body:
      { "name": "group:1" }
      

        Attachments

          Activity

            People

            • Assignee:
              omriz Omri Ziv
              Reporter:
              omriz Omri Ziv
              Assigned QA:
              Barak Hacham
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: