tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eugène Adell <>
Subject RE:FORM based authentication and utf-8 encoding of credentials
Date Mon, 24 Jun 2013 11:42:50 GMT

Where do you store your login/password : DB ? xml file ? encrypted in xml file ?

De : Jan Vávra []
Envoyé : lundi 24 juin 2013 13:36
À : Tomcat Users List
Objet : FORM based authentication and utf-8 encoding of credentials

  I'm successfully using form based authenntication when login or
password contains only letters from English alphabet. I have also
written own realm.

When I create user with password with czech String "ŽežUlička.1" the
browser sends correctly this string as:

POST http://localhost:70/myapp/j_security_check HTTP/1.1
Content-Type: application/x-www-form-urlencoded


The first letter "Ž" is really encoded in the utf-8 as bytes in hexa C5, BD.
But in the method public Principal authenticate(String username, String
credentials) the parameter credentials has first two bytes C3, 85.

In my login.jsp I have these relevant parts:
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<form method="POST" action="j_security_check" accept-charset="utf-8">

and also tomcat is telling in the http response header:
Content-Type: text/html;charset=UTF-8

But nothing of it forced Tomcat to translate password correctly from
utf-8 string.
Even the manual reencoding in authenticate(.) doesn't help:
credentials = new String(credentials.getBytes(),"utf-8")
Because the received bytes of first letter are C3, 85 instead of
expected C5, BD.

Any idea how to tell tomcat to use utf-8 in form based authentication?
It's tomcat 7.0.34 on Czech Windows 7 32 bit with default ansi code page
set as Windows-1250.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message