On using OTK /token policy using a password grant and validating against an identity provider - Active Directory using a password having characters < or/and >
Authentication against that identity provider fails.
Expected results: Authentication against that identity provider should succeed.
Active Directory LDAP
CA API Gateway 9.2/9.1
The underline issue was found to be external application that was talking to LDAP was doing some manipulation on symbols in the passwords.
In the test lab gateway seemed to support the password containing < or > characters. For example try to use authenticate against LDAP - Active Directory Identity Provider, the validation would be successful.
Steps to reproduce:
Set the following password on an LDAP instance: any password containing < or > characters
Call the /token endpoint using a password grant using the above password and validate against an identity provider for that LDAP instance