OpenDJ REST is not able to GET resources with special characters in UID(eg: +)

This topic has 7 replies, 4 voices, and was last updated 6 years, 11 months ago by Ian Packer.

  • Author
    Posts
  • #6083
     ratheeshvnair
    Participant

    When I use OpenDJ REST end point to GET a user, It returns 404 if the user that I’m requesting has + in the uid.

    REST is enabled using http connection handlers.

    Eg : GET /users/[email protected], The response received is

    {
    “reason”: “Not Found”,
    “message”: “No Such Entry: The search base entry ‘uid=abc [email protected],ou=people,dc=company,dc=com’ does not exist”,
    “code”: 404
    }

    But thisuser exists in the OpenDJ LDAP and in apache directory studio, it shows the user and the RDN preview is abc\[email protected]

    Could someone help me on how to successfully retrieve this user using OpenDJ REST end point.

    Thanks
    Ratheesh

    • This topic was modified 6 years, 11 months ago by ratheeshvnair.
    #6086
     Ian Packer
    Participant

    The ‘+’ character in a URL translates to a space. Try URL encoding your input first. i.e

    GET /users/abc%2Bxyz%40test.com

    #6087
     ratheeshvnair
    Participant

    Hi Ian,
    Thank you very much for your reply. When I tried with encoded URL, in OpenDJ logs, I see the request being made as

    /users/abc%252Bxyz%2540test.com. I think it encoded % in %2B to %25. Is that happening within OpenDJ? Is there a way to tell OpenDJ not to do the double encoding?

    Thanks
    Ratheesh

    #6088
     Ian Packer
    Participant

    I suspect this is probably your client. I get:

    - 192.168.56.1 user.1 29/Oct/2015:04:28:14 +0000 GET /users/user%2B0/ HTTP/1.1 304 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36 13 2

    #6090
     Ludo
    Moderator

    I agree with Ian.
    Works on my machine :

    
    curl --user user.0:password http://localhost:8080/users/john%[email protected]
    {"_id":"[email protected]","_rev":"000000006da97ab5","schemas":["urn:scim:schemas:core:1.0"],"userName":"[email protected]","displayName":"John Doe","name":{"givenName":"John","familyName":"Doe"},"contactInformation":{"emailAddress":"[email protected]"},"meta":{"created":"2015-10-29T21:02:32Z"}}lpm:opendj ludo
    
    #6091
     ratheeshvnair
    Participant

    Thanks Ian & Ludo,
    It was indeed my client. Works for me now. Really appreciate your help.

    #6092
     Mark Craig
    Participant

    Hi,

    My reading of RFC 3986 is that + only represents a space within a query string. It shouldn’t need to be percent-encoded in the path.

    With a recent build of OpenDJ, I cannot however reproduce the issue:

    $ ldapsearch -p 1389 -b dc=example,dc=com "(uid=abc*)"
    dn: uid=abc\[email protected],ou=People,dc=example,dc=com
    objectClass: organizationalPerson
    objectClass: top
    objectClass: person
    objectClass: inetOrgPerson
    uid: [email protected]
    sn: XYZ
    cn: ABC XYZ
    
    

    Enable the HTTP connection handler and try over HTTP:

    $ curl --user bjensen:hifalutin http://opendj.example.com:8080/users/[email protected]
    {"_id":"[email protected]","_rev":"00000000a3354c7e","schemas":["urn:scim:schemas:core:1.0"],"displayName":"ABC XYZ","name":{"familyName":"XYZ"},"contactInformation":{},"meta":{"created":"2015-10-29T21:47:49Z"}}

    Regards,
    Mark

    #6093
     Ian Packer
    Participant
Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?