Uploaded image for project: 'Application Server 3 4 5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-5976

Securing web-app cause incorrect character encoding in GET/POST data

    XMLWordPrintable

Details

    Description

      Simple test page from Tomcat FAQ (http://wiki.apache.org/tomcat/FAQ/CharacterEncoding#Q4) work right in non-secure web-app.
      After apply BASIC web authentication, character encoding of posted data is broken.

      After authentication, request.setCharactEncoding("UTF-8") in request filter does no effect too.
      No matter which login module in use, org.jboss.security.auth.spi.UsersRolesLoginModule or my own login module.
      Seems that authentication cause access the Request object in app server before it can be accessed in user request filter.
      After that, setting request.setCharacterEncoding not work.

      Insecure web-application work fine and non-ASCII characters appear correctly.
      This bug starts in CR-releases of JBoss 5.

      Attachments

        1. index.jsp
          0.6 kB
        2. scrshot.gif
          scrshot.gif
          20 kB
        3. test.war
          1 kB
        4. web.xml
          0.8 kB

        Issue Links

          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBAS-6213 Securing web-app REALLY cause incorrect character encoding in GET/POST data

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed

          Activity

            People

              rmaucher Remy Maucherat
              dicr_jira Igor Tarasov (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: