AD connection not working with pound in password

Hi,

As I couldn’t find any resource on where to file a bug report for the OS Nexus repository manager, I’m placing it here.

We configured our Nexus Repository Manager OSS 3.19.1-01 with a LDAP connection to the AD server. Which works fine for most users. Authentication is working properly for the docker registry being hosted by Nexus. But also directly on the Nexus GUI itself to browse through other repositories.

Apparently when a user has a # (pound) symbol in the password things just stop working during the authentication process. We’ve repeatedly tested this by ONLY changing the password for the user on AD site and trying to connect to Nexus (via “verify login” on the LDAP tab, and via “docker login my.nexus.repo:5000” ).

Having a pound # in the password doesn’t work. On docker login it replies with a 401, and with “verify login” it yields
Failed to connect to LDAP Server: User ‘CN=myCN,OU=myOU,OU=otherOU,DC=myDC,DC=otherDC’ cannot be authenticated. [Caused by javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0c09042A, comment: AcceptSecurityContext error, data52e, v3839]]

When changing the password back to a password without a # pound it works perfectly fine.

There are special logs on the Nexus server that indicates there is something wrong, so what’s going on here? It looks like a bug to me

Please open an issue in the “dev - nexus” project at https://issues.sonatype.org for this.

Rich

Thanks!

Created it here
https://issues.sonatype.org/browse/NEXUS-23204