Users are unable to use the OAuth /token service with < and/or > characters in the password

Document ID : KB000092981
Last Modified Date : 02/05/2018
Issue:
When using the OTK /token policy with a password grant and validating against an identity provider (Active Directory), authentication against that identity provider fails if the password contains the < and/or > characters.
Expected results: Authentication against that identity provider should succeed.
Environment:
Active Directory LDAP
CA API Gateway 9.2/9.1
OTK 
Cause:
The underlying issue was found to be an external application talking to LDAP that was manipulating symbols in the passwords.
Resolution:
In the test lab, the gateway seemed to support passwords containing < or > characters. For example, when authenticating against the LDAP - Active Directory identity provider with such a password, the validation is successful.
Additional Information:
Steps to reproduce:
Set a password containing < or > characters on an LDAP instance.
Call the /token endpoint with a password grant using the above password, and validate against an identity provider for that LDAP instance.
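To narrow down where a password is being altered, the following added example (not code from CA or the OTK) builds the form-encoded password-grant body and classifies how a value observed at the hop in front of LDAP differs from the one sent. The account, client names and password are constructed lab values, and the transformations checked are assumptions, since the article does not say which manipulation the external application performed.

```python
import html
from urllib.parse import parse_qs, quote, urlencode

# Constructed sample value for a lab account; it does not come from the KB article.
SAMPLE_PASSWORD = "Pa<ss>w0rd1"

def build_token_body(username, password, client_id, client_secret):
    """Form-encode a password-grant body; < and > are sent as %3C and %3E."""
    return urlencode({
        "grant_type": "password",
        "username": username,
        "password": password,
        "client_id": client_id,          # assumed: client credentials in the body
        "client_secret": client_secret,
    })

def decoded_password(body):
    """What a correct form decoder hands to the identity provider."""
    return parse_qs(body)["password"][0]

def classify_password_change(original, observed):
    """Name the transformation applied to the password before the LDAP bind."""
    if observed == original:
        return "unchanged"
    if observed in (html.escape(original, quote=False), html.escape(original)):
        return "html-escaped"
    if observed == quote(original, safe=""):
        return "still-percent-encoded"
    if observed == original.replace("<", "").replace(">", ""):
        return "angle-brackets-stripped"
    return "other"

if __name__ == "__main__":
    body = build_token_body("jdoe", SAMPLE_PASSWORD, "lab-client", "lab-secret")
    print(body)
    for seen in (decoded_password(body), "Pa&lt;ss&gt;w0rd1", "Passw0rd1"):
        print(repr(seen), "->", classify_password_change(SAMPLE_PASSWORD, seen))
```

Run it only against a throwaway lab account, since it requires comparing a cleartext password captured in a debug trace.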