tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <>
Subject Form Authentication Illegal Characters
Date Mon, 14 Mar 2011 14:57:07 GMT
Hello All:

I am using Tomcat 6.0.26. My application has a context.xml file that
defines an org.apache.catalina.authenticator.FormAuthenticator

Valve and an org.apache.catalina.realm.DataSourceRealm Realm which I use
for authentication.

My login page functions in typical FormAuthentication manner by passing
the j_username and j_password parameters to j_security_check


Currently, authentication fails if the character # (pound sign) is
contained within a username. Has anybody come across this limitation? I
am working with another system that stores all @ symbols as # signs, so
the likely hood of someone using an email address as their username is


When I query my USERS table directly, I can locate any username that has
a # sign in it, so it seems that this is a tomcat related issue.


Just wanted to see if someone has experienced this and if there is a
solution/workaround for this.




  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message