markt 2005/01/07 01:24:19
Modified: catalina/src/share/org/apache/catalina/authenticator
FormAuthenticator.java
catalina/src/share/org/apache/catalina/realm RealmBase.java
webapps/tomcat-docs/config valve.xml
webapps/tomcat-docs realm-howto.xml
Log:
Fix bug 31198. Support non-ASCII user names and passwords in FORM and
DIGEST authentication.
Revision Changes Path
1.24 +28 -2
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java
Index: FormAuthenticator.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- FormAuthenticator.java 26 Aug 2004 21:27:39 -0000 1.23
+++ FormAuthenticator.java 7 Jan 2005 09:24:19 -0000 1.24
@@ -57,6 +57,13 @@
"org.apache.catalina.authenticator.FormAuthenticator/1.0";
+ /**
+ * Character encoding to use to read the username and password parameters
+ * from the request. If not set, the encoding of the request body will be
+ * used.
+ */
+ protected String characterEncoding = null;
+
// -------------------------------------------------------------
Properties
@@ -65,11 +72,27 @@
*/
public String getInfo() {
- return (this.info);
+ return (FormAuthenticator.info);
}
+ /**
+ * Return the character encoding to use to read the username and
password.
+ */
+ public String getCharacterEncoding() {
+ return characterEncoding;
+ }
+
+
+ /**
+ * Set the character encoding to be used to read the username and
password.
+ */
+ public void setCharacterEncoding(String encoding) {
+ characterEncoding = encoding;
+ }
+
+
// --------------------------------------------------------- Public
Methods
@@ -220,6 +243,9 @@
// Yes -- Validate the specified credentials and redirect
// to the error page if they are not correct
Realm realm = context.getRealm();
+ if (characterEncoding != null) {
+ hreq.setCharacterEncoding(characterEncoding);
+ }
String username = hreq.getParameter(Constants.FORM_USERNAME);
String password = hreq.getParameter(Constants.FORM_PASSWORD);
if (debug >= 1)
1.16 +22 -8
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/realm/RealmBase.java
Index: RealmBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/realm/RealmBase.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- RealmBase.java 27 Nov 2004 18:29:44 -0000 1.15
+++ RealmBase.java 7 Jan 2005 09:24:19 -0000 1.16
@@ -730,9 +730,11 @@
*
* @param credentials Password or other credentials to use in
* authenticating this username
- * @param algorithm Algorithm used to do th digest
+ * @param algorithm Algorithm used to do the digest
+ * @param encoding Character encoding of the string to digest
*/
- public final static String Digest(String credentials, String algorithm) {
+ public final static String Digest(String credentials, String algorithm,
+ String encoding) {
try {
// Obtain a new message digest with "digest" encryption
@@ -741,7 +743,11 @@
// encode the credentials
// Should use the digestEncoding, but that's not a static field
- md.update(credentials.getBytes());
+ if (encoding == null) {
+ md.update(credentials.getBytes());
+ } else {
+ md.update(credentials.getBytes(encoding));
+ }
// Digest the credentials and return as hexadecimal
return (HexUtils.convert(md.digest()));
@@ -759,15 +765,23 @@
* If exception, the plain credentials string is returned
*/
public static void main(String args[]) {
+
+ String encoding = null;
+ int firstCredentialArg = 2;
+
+ if (args.length > 4 && args[2].equalsIgnoreCase("-e")) {
+ encoding = args[3];
+ firstCredentialArg = 4;
+ }
- if(args.length > 2 && args[0].equalsIgnoreCase("-a")) {
- for(int i=2; i < args.length ; i++){
+ if(args.length > firstCredentialArg &&
args[0].equalsIgnoreCase("-a")) {
+ for(int i=firstCredentialArg; i < args.length ; i++){
System.out.print(args[i]+":");
- System.out.println(Digest(args[i], args[1]));
+ System.out.println(Digest(args[i], args[1], encoding));
}
} else {
System.out.println
- ("Usage: RealmBase -a <algorithm> <credentials>");
+ ("Usage: RealmBase -a <algorithm> [-e <encoding>]
<credentials>");
}
}
1.12 +38 -0 jakarta-tomcat-4.0/webapps/tomcat-docs/config/valve.xml
Index: valve.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/config/valve.xml,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- valve.xml 15 Apr 2004 21:34:00 -0000 1.11
+++ valve.xml 7 Jan 2005 09:24:19 -0000 1.12
@@ -346,6 +346,44 @@
</section>
+<section name="Form Authenticator Valve">
+
+ <subsection name="Introduction">
+
+ <p>The <strong>Form Authenticator Valve</strong> is automatically added
to
+ any <a href="context.html">Context</a> that is configured to use FORM
+ authentication.</p>
+
+ <p>If any non-default settings are required, the valve may be configured
+ within <a href="context.html">Context</a> element with the required
+ values.</p>
+
+ </subsection>
+
+ <subsection name="Attributes">
+
+ <p>The <strong>Form Authenticator Valve</strong> supports the following
+ configuration attributes:</p>
+
+ <attributes>
+
+ <attribute name="className" required="true">
+ <p>Java class name of the implementation to use. This MUST be set to
+
<strong>org.apache.catalina.authenticator.FormAuthenticator</strong>.</p>
+ </attribute>
+
+ <attribute name="characterEncoding" required="false">
+ <p>Character encoding to use to read the username and password
parameters
+ from the request. If not set, the encoding of the request body will
be
+ used.</p>
+ </attribute>
+
+ </attributes>
+
+ </subsection>
+
+</section>
+
</body>
1.16 +9 -0 jakarta-tomcat-4.0/webapps/tomcat-docs/realm-howto.xml
Index: realm-howto.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/tomcat-docs/realm-howto.xml,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- realm-howto.xml 27 Nov 2004 18:29:44 -0000 1.15
+++ realm-howto.xml 7 Jan 2005 09:24:19 -0000 1.16
@@ -1282,6 +1282,15 @@
<code>$CATALINA_HOME/server/lib/catalina.jar</code> file will need to be
on your class path to make the <code>RealmBase</code> class available.</p>
+<p>Non-ASCII usernames and/or passwords are supported using
+<source>java org.apache.catalina.realm.RealmBase \
+ -a {algorithm} -e {encoding} {input}
+</source>
+but care is required to ensure that the non-ASCII input is
+correctly passed to the digester.
+The digester returns <code>{input}:{digest}</code>. If the input appears
+corrupted in the return, the digest will be invalid.</p>
+
</subsection>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
