Connection drop with slash and/or backslash in the username

Slash "/" and backslash "\" are special characters that usually do not occur in a username. If a username contains one of those characters, the connection gets dropped by default. It is recommended to avoid these characters in a username. If those characters cannot be avoided, use the following steps to allow the necessary character(s):

Allow slashes "/"

To allow encoded forward slashes in URIs (using "%2F"), specify the following additional system property in the instance configuration (e.g. instances/auth/instance.properties, see also Application parameters).

  1. Add the following value to parameter "iam.java.opts":
    -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true
  2. If slashes must be allowed through the Airlock Gateway (WAF), encoded slashes must also be allowed on the VirtualHost in the Advanced Settings: "Allow encoded slashes (%2F)".
  3. On Airlock Gateway (WAF), combining client certificates per mapping with enabled encoded slashes in the same virtual host might result in configurations in which client certificate evaluation can be evaded. Please contact Airlock support.

Allow backslashes "\"

To allow encoded backslashes in URIs (using "%5C"), specify the following additional system property in the instance configuration (e.g. instances/auth/instance.properties, see also Application parameters).

  1. Add the following value to parameter "iam.java.opts":
    -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true
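
The following audit sketch is an added example, not part of the Airlock documentation: it reads the text of an instance.properties file and reports which of the two relaxations above are switched on through "iam.java.opts", so that an enabled "%2F" can be cross-checked against the Gateway caveat in step 3. It assumes standard Java properties syntax; the sample content and the function names are constructed for illustration.

```python
import re

# Tomcat system properties named on this page, mapped to the encoding each admits.
RELAXATIONS = {
    "org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH": "%2F",
    "org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH": "%5C",
}

# Constructed sample, not a real Airlock IAM configuration.
SAMPLE = """\
# auth instance (constructed)
iam.java.opts = -Xmx1g \\
    -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true
"""

def read_property(text, key):
    """Return the last value assigned to `key` in Java-properties text, or None."""
    value, logical = None, ""
    for raw in text.splitlines():
        line = raw.strip()
        if not logical and (not line or line[0] in "#!"):
            continue                    # blank line or comment
        if line.endswith("\\"):         # simplified continuation handling
            logical += line[:-1]
            continue
        logical += line
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", logical)
        if m and m.group(1) == key:
            value = m.group(2)
        logical = ""
    return value

def enabled_relaxations(properties_text):
    """Map '%2F' and '%5C' to True when iam.java.opts enables them."""
    opts = read_property(properties_text, "iam.java.opts") or ""
    # Collect -Dname=value pairs; a later duplicate overrides an earlier one.
    flags = dict(re.findall(r"-D([\w.]+)=([^\s\"']+)", opts))
    # Compared case-insensitively, as Java boolean parsing does.
    return {enc: flags.get(prop, "false").lower() == "true"
            for prop, enc in RELAXATIONS.items()}

if __name__ == "__main__":
    for enc, on in enabled_relaxations(SAMPLE).items():
        print(f"{enc}: {'ALLOWED' if on else 'dropped (default)'}")
    if enabled_relaxations(SAMPLE)["%2F"]:
        print("Review Gateway virtual hosts that use client certificates per mapping.")
```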