Well, it is custom created and managed xml file. But the core of problem is in the string credentials in method public Principal authenticate(String username, String credentials). If the string was encoded properly (in java as utf-16) the credentials.length would be equal to 11 but its real length is 14. And that corresponds to the fact that in credentials is stored some form of utf-8 encoding. Utf-8 encoding string "ŽežUlička.1" has length 14. +1 for each letter: Ž,ž,č. Jan. > Where do you store your login/password : DB ? xml file ? encrypted in xml file ? > > > > ________________________________________ > De : Jan Vávra [vavra@602.cz] > Envoyé : lundi 24 juin 2013 13:36 > À : Tomcat Users List > Objet : FORM based authentication and utf-8 encoding of credentials > > Hello, > I'm successfully using form based authenntication when login or > password contains only letters from English alphabet. I have also > written own realm. > > When I create user with password with czech String "ŽežUlička.1" the > browser sends correctly this string as: > > POST http://localhost:70/myapp/j_security_check HTTP/1.1 > Content-Type: application/x-www-form-urlencoded > > j_username=p&j_password=%C5%BDe%C5%BEUli%C4%8Dka.1 > > The first letter "Ž" is really encoded in the utf-8 as bytes in hexa C5, BD. > But in the method public Principal authenticate(String username, String > credentials) the parameter credentials has first two bytes C3, 85. > > In my login.jsp I have these relevant parts: > <% > request.setCharacterEncoding("UTF-8"); > %> > > > > ... >
> > and also tomcat is telling in the http response header: > Content-Type: text/html;charset=UTF-8 > > > But nothing of it forced Tomcat to translate password correctly from > utf-8 string. > Even the manual reencoding in authenticate(.) doesn't help: > credentials = new String(credentials.getBytes(),"utf-8") > Because the received bytes of first letter are C3, 85 instead of > expected C5, BD. > > Any idea how to tell tomcat to use utf-8 in form based authentication? > It's tomcat 7.0.34 on Czech Windows 7 32 bit with default ansi code page > set as Windows-1250. > > Thanks > Jan. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org > For additional commands, e-mail: users-help@tomcat.apache.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org > For additional commands, e-mail: users-help@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org