tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Hardy <ahardy.str...@cyberspaceroad.com>
Subject Re: Filter for Form Authentication Problem
Date Wed, 01 Oct 2003 10:08:47 GMT
That bugzilla issue only addresses filters, not character encoding, with 
j_security_check.

On the one hand the servlet 2.4 spec actually addresses response 
character encoding issues nicely, with the addition of stuff like:

<locale-encoding-mapping-list>
   <locale-encoding-mapping>
     <locale>ja</locale>
     <encoding>Shift_JIS</encoding>
   </locale-encoding-mapping>
</locale-encoding-mapping-list>

to the web.xml .

It would be a shame if the solution doesn't extend to the request 
encoding as well, i.e. so that the tomcat SetCharacterEncodingFilter 
class becomes redundant, but at this point I haven't got to the point 
where I can tell. I guess the tomcat committers would know :)

I only upgraded to tomcat 5 on Sunday and I'm still trying to get back 
to the stage where I was with tomcat 4.

Do you know when the 2.4 spec goes final?

Adam



On 09/30/2003 12:58 PM Tim Funk wrote:
> Did that alrady. Here's the gory details and the conclusion is valid for 
> 4 and 5.  It seems the spec folks took care of the character encoding 
> issue but forgot how to fix it for j_security_check. So the "short term" 
> solution is probably a custom solution per platform. :( (Maybe google 
> has the answer, haven't checked yet)
> 
> 
> http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21795
> 
> -Tim
> 
> Bill Barker wrote:
> 
>> This is a really interesting issue.  I would hope that you would send a
>> message to servletapi-feedback@eng.sun.com to hopefully get the 
>> expert-team
>> to clarify this before the 2.4 spec goes final.  Because the Servlet-2.2
>> spec lacks the request.setCharacterEncoding method, Tomcat 3.3 jumps 
>> through
>> a lot of hoops to try and guess the charset.  These were dropped in 
>> Tomcat
>> 4+, since the request.setCharacterEncoding method was supposed to 
>> solve all
>> of these problems.  As you have pointed out, it is not possible to use 
>> this
>> in a Filter for the standard Form-auth config (for the simple reason that
>> Auth is called before Filters).  Therefore, the j_security_check 
>> target is
>> flying blind wrt charset.
>>
>>
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 

-- 
struts 1.1 + tomcat 5.0.12 + java 1.4.2
Linux 2.4.20 RH9


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message