You are here:
Home » forums » Magic Parser
 » Allowing for special characters


Allowing for special characters

Submitted by msimonds on Thu, 2010-07-01 13:24 in

David,

Came across another issue and cannot fined a fix using Magic parser. I was hoping that you would be able to help me out

I am implementing a single sign on from an outside application, Salesforce.com. This sends a web service call to my server, through our DMZ to active directory and responds with a true/false.

Problem is that some users could have special characters in their passwords and it seems that magic parser strips those out. Here is an example

SOAP XML coming in from Service

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 <soapenv:Body>
  <Authenticate xmlns="urn:authentication.soap.sforce.com">
   <username>me@email.comt</username>
   <password>&amp;#$@#$&amp;*^&amp;</password>
   <sourceIp>255.255.255.0</sourceIp>
  </Authenticate>
 </soapenv:Body>
</soapenv:Envelope>

As you see there are ampersands in the SOAP XML, but it seems they are stripped out.

Here is a print_r after it is processed by your scripts:

<pre>Array
(
    [SOAPENV:ENVELOPE] =>
    [SOAPENV:ENVELOPE-XMLNS:SOAPENV] => http://schemas.xmlsoap.org/soap/envelope/
    [SOAPENV:ENVELOPE-XMLNS:XSD] => http://www.w3.org/2001/XMLSchema
    [SOAPENV:ENVELOPE-XMLNS:XSI] => http://www.w3.org/2001/XMLSchema-instance
    [SOAPENV:BODY] =>
    [SOAPENV:BODY/AUTHENTICATE] =>
    [SOAPENV:BODY/AUTHENTICATE-XMLNS] => urn:authentication.soap.sforce.com
    [SOAPENV:BODY/AUTHENTICATE/USERNAME] => me@email.com
    [SOAPENV:BODY/AUTHENTICATE/PASSWORD] => #$@#$*^
    [SOAPENV:BODY/AUTHENTICATE/SOURCEIP] => 255.255.255.0
)
</pre>
Since these passwords are hitting AD, I need to be able to pass them.
What can I do to correct this?
~Mike

‹ Checking field names before importing in database Cannot return array values from function ›
login or register to post comments
Hello Mike, &amp; is the
Submitted by support on Thu, 2010-07-01 13:37

Hello Mike,

&amp; is the correct encoding for the ampersand symbol, and ordinarily Magic Parser / PHP will handle them correctly.

However, there is a version of the underlying XML library used by PHP (and subsequently Magic Parser) that contains a bug that strips entities from the output rather than decoding them!

I have a version of MagicParser.php that contains a work-around for this bug which I will email to you now...

All the best,
David.

login or register to post comments