tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Control character in cookie value
Date Sat, 05 Dec 2009 12:14:02 GMT
itay sahar wrote:
> Hi all,
> 
> I'm using seam on tomcat 6.0.20 and encounter problem in my security module.
> 
> Basically, i try to add cookie with base64 encoding of the username which is
> email address.

> The encoding works and no exception is thrown. But when seam try adding the
> cookie an exception is thrown:
> 
> 05/12/2009 02:23:00 com.sun.faces.lifecycle.Phase doPhase
> SEVERE: JSF1054: (Phase ID: INVOKE_APPLICATION 5, View ID: /login.xhtml)
> Exception thrown during phase execution:
> javax.faces.event.PhaseEvent[source=com.sun.faces.lifecycle.LifecycleImpl@7d5
> 05/12/2009 02:23:00 org.ajax4jsf.webapp.BaseXMLFilter doXmlFilter
> SEVERE: Exception in the filter chain
> javax.servlet.ServletException: #{identity.login}:
> java.lang.IllegalArgumentException: Control character in cookie value,
> consider BASE64 encoding your value
>         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:277)

Obviously, the value of your cookie is /not/ Base-64 encoded.
I also cannot see in your code where that encoding should take place.

And if the value is really an email address, and if you really do encode 
it somewhere else than in the code you show, then what probably happens 
is that your Base-64 encoded string exceeds 80 characters, and is being 
wrapped with a CR/LF somewhere.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message