Details
-
Bug
-
Resolution: Done
-
Critical
-
JBossAS-5.0.0.CR1, JBossAS-5.0.0.CR2
-
Compatibility/Configuration
Description
Similar problem found as stated by JBAS-5976.
I also found the problem as stated by Igor. After several days work, it is the problem of JBoss SX layer which 'touch' ServletRequest.getParameterNames() (From "AbstractJavaEEHelper" and "WebResource.deriveUsefulInfo()") and caused the encoding set according to the OS before any character encoding filter can be applied.
I use a wrapper Request to show the calling path. Below are the stacktrace:
at my.tomcat.hack.RequestHack.getParameterNames(RequestHack.java:420)
at org.jboss.security.authorization.resources.WebResource.deriveUsefulInfo(WebResource.java:152)
at org.jboss.security.authorization.resources.WebResource.toString(WebResource.java:123)
at org.jboss.security.javaee.AbstractJavaEEHelper.authorizationAudit(AbstractJavaEEHelper.java:100)
at org.jboss.security.plugins.javaee.WebAuthorizationHelper.hasUserDataPermission(WebAuthorizationHelper.java:183)
at org.jboss.web.tomcat.security.JBossWebRealm.hasUserDataPermission(JBossWebRealm.java:636)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:461)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:91)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:92)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at my.tomcat.valve.RequestInspectorValve.invoke(RequestInspectorValve.java:90)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:325)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:595)
Attachments
Issue Links
- relates to
-
JBAS-5976 Securing web-app cause incorrect character encoding in GET/POST data
- Closed