https://issues.apache.org/bugzilla/show_bug.cgi?id=48587
Summary: Basic Authentication failed with multibyte username
Product: Tomcat 6
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
AssignedTo: [email protected]
ReportedBy: [email protected]
Created an attachment (id=24876)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=24876)
Base64 and BasicAuthentication patch
I've found a potential bug in the Basic Authentication module. I have users
and some user's username is contains national characters (encoded in UTF-8).
The HTTP header based authentication is fails when the username or the
password contains multibyte characters.
The root of the bug is the Base64 decoder, which decodes the Base64 stream to
char array: converts each byte to individual char, this decode method corrupts
the multibyte characters...
The patch converts the Base64 input to byte array instead char array, and
converts this byte array to String - with the encoding which specified in the
JVM. The patch is not beautiful :), and I've tested it only in a JBoss 5.1.0.GA
application server (it uses catalina).
More information about the issue:
http://mail-archives.apache.org/mod_mbox/tomcat-users/201001.mbox/%[email protected]%3e
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
