Re: FormAuthenticator exception with non-latin (UTF8) user name
On 30/06/2010 12:22, Chris Rafferty wrote: This only occurs when I add the following valve to /conf/context.xml Valve className=org.apache.catalina.authenticator.FormAuthenticator characterEncoding=UTF-8 / Bad idea on a number of levels. 1. That change then applies to *every* context, and will break any that don't use FORM authentication. 2. The Manager app uses BASIC authentication... If I do not add the valve then Tomcat will not authenticate any attempt to access the list page with a user name containing non-Latin characters, it works perfectly if the user name contains only Latin characters. BASIC auth, browsers and UTF-8 is a combination that I suspect behaves differently from browser to browser. Your best bet would be to modify the manager app to use FORM auth, making sure your login form correctly supports UTF-8. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: FormAuthenticator exception with non-latin (UTF8) user name
Thanks Mark, That has worked a treat. I changed the manager application's web.xml to use FORM based authentication, added the valve to its context.xml rather than specifying it globally and provided the login form. Cheers Chris -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: 30 June 2010 12:28 To: Tomcat Users List Subject: Re: FormAuthenticator exception with non-latin (UTF8) user name On 30/06/2010 12:22, Chris Rafferty wrote: This only occurs when I add the following valve to /conf/context.xml Valve className=org.apache.catalina.authenticator.FormAuthenticator characterEncoding=UTF-8 / Bad idea on a number of levels. 1. That change then applies to *every* context, and will break any that don't use FORM authentication. 2. The Manager app uses BASIC authentication... If I do not add the valve then Tomcat will not authenticate any attempt to access the list page with a user name containing non-Latin characters, it works perfectly if the user name contains only Latin characters. BASIC auth, browsers and UTF-8 is a combination that I suspect behaves differently from browser to browser. Your best bet would be to modify the manager app to use FORM auth, making sure your login form correctly supports UTF-8. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: FormAuthenticator exception with non-latin (UTF8) user name
From: Chris Rafferty [mailto:chris.raffe...@sidonis.com] Subject: RE: FormAuthenticator exception with non-latin (UTF8) user name I changed the manager application's web.xml to use FORM based authentication, added the valve to its context.xml You really should not be explicitly adding the Valve; Tomcat will include the proper valve as required by the security specifications in the webapp's WEB-INF/web.xml file. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: FormAuthenticator exception with non-latin (UTF8) user name
On 30/06/2010 16:20, Caldarale, Charles R wrote: From: Chris Rafferty [mailto:chris.raffe...@sidonis.com] Subject: RE: FormAuthenticator exception with non-latin (UTF8) user name I changed the manager application's web.xml to use FORM based authentication, added the valve to its context.xml You really should not be explicitly adding theValve; Tomcat will include the proper valve as required by the security specifications in the webapp's WEB-INF/web.xml file. You do need to add the valve if you want to change any of the default settings. Whilst the request body *should* be in UTF-8 if the login form is written correctly, I believe there are issues with some browsers not following the spec and failing to declare the character encoding being used. Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
