That problem should only happen with the CHAR type, but with the CHAR type
it can happen in other databases too.
AFAIK, the use of VARCHAR doesn't cause trailing spaces to be added in MS
SQL Server. Although I only used SQL Server trough BDE, ODBC and ADO, it
is hard to imagine that a JDBC driver would cause such thing.
(Anyway, I think it is a good fix.)
Have fun,
Paulo
> -----Original Message-----
> From: Larry Rogers [mailto:[EMAIL PROTECTED]]
> Sent: Monday, February 19, 2001 06:39
>
>
> This is my first patch to submit. I'm sorry I don't have a diff file to
> go with it.
>
> Anyway, when using Tomcat 3.2.1 JDBCRealm with Microsoft SQL Server, the
> credential check fails when the correct username and password are
> submitted by the user. After Tomcat receives the credentials from the
> user, it queries the user table in the database for what the password
> should be for the username received from the browser. When it compares
> the password from the browser to the one from the database, the
> comparison does not pass, even though the password is correct.
>
> This is caused by the way SQL Server returns a string with trailing
> spaces for the password query. The problem occurs for column type of
> char or varchar as well.
>
> The patch involves changing the following line from JDBCRealm.java
>
> if (credentials.equals(rs1.getString(1))) {
>
> to read as follows
>
> if (credentials.equals(rs1.getString(1).trim())) {
>
> This will trim the padded spaces from the password received from SQL
> Server before comparing it to the password submitted by the user, and
> the comparison will pass.
>
> Thanks,
> Larry
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
