joelburke Respected Contributor.
Respected Contributor.
453 views

SSPR 5013 error


SSPR Version v3.2.0.3 b40 r38536

SSPR is throwing a SSPR 5013 error after selecting a specific user from
the helpdesk selection screen. The logs do not show the specific error
but the error that seems to pertain to this situation is the following:

2015-09-29T14:31:51Z, WARN , pwm.Validator, removing potentially
malicious string values from input, converting
'ui_C-H4sIAAAAAAAAAAFwAI__FL2yExQbQQ5LndGHwpcGNHoI9l4r0Kmk*hrEf*FiovLO2oQaoypld_GxqHMbz5i-WWQmd7AkCmNi3F9vDFgyMYh8cvZdvNM8fTGBvePIolBPHKAg8eJnaZLSubvtOxXBTqCihbeHBWcwEp4T8BpgF4cMzhwAAAA'
newValue=' pattern='(?i).*href.*'

I'm speculating here but I imagine the string of characters above is
generated from some uniquely identifiable attribute(s) and is used in
the POST to query the person from eDirectory. The same string is always
created when selecting the same individual.

Problem is that this string contains *href *and is being treated as a
malicious string. It is stripped and the person is never queried.

Has anybody seen this before? Any idea for a workaround?


--
joelburke
------------------------------------------------------------------------
joelburke's Profile: https://forums.netiq.com/member.php?userid=9019
View this thread: https://forums.netiq.com/showthread.php?t=54368

0 Likes
1 Reply
Anonymous_User Absent Member.
Absent Member.

Re: SSPR 5013 error

joelburke,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your issue been resolved? If not, you might try one of the following options:

- Visit http://www.netiq.com/support and search the knowledgebase and/or check all
the other support options available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.netiq.com)

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.netiq.com/faq.php

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your NetIQ Forums Team
http://forums.netiq.com


0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.