PQ91656: Using SSOAuthenticator to implement custom login servlet, Custom Registry doesn't receive valid password if it contains umlauts
APAR status

Closed as program error.

Error description

The class SSOAuthenticator (websphere.jar) converts the given password into a byte[] using the getBytes() method of class String. This method uses the system codepage when generating a byte[]. The system codepage of Windows is CP1252.

The SSOAuthenticator uses the PrincipalAuthenticator to perform the login. The implementation of this class converts the byte[] back into a String using the StringByteConversion util class (both classes can be found in the iwsorb.jar library). The util class creates the String using UTF-8: String s = new String(bytes,"UTF-8").

Thus, the password gets truncated at the first umlaut:

Example: "testホルレ" becomes "test"

Since the log file doesn't contain the current codepage and password I've chosen to decompile some classes to find out what's going on. Using a decompiler helps solve this problem. I thought that the problem of umlauts is caused by different codepages. I've decompiled and analyzed the SSOAuthenticator and the classes invoked by the SSOAuthenticator

Local fix

n/a

Problem summary

****************************************************************
* USERS AFFECTED: WebSphere Application Server security        *
*                 users implementing custom login.             *
****************************************************************
* PROBLEM DESCRIPTION: When using SSOAuthenticator to          *
*                      perform custom login, login fails if    *
*                      user's password contains characters     *
*                      different from the platform's code      *
*                      pages.                                  *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************

When using SSOAuthenticator to perform custom login, if the user's password contains characters which are not in the platform's code pages, the user fails to authenticate.

The cause is that the platform's code page is used to convert the password into bytes.

Problem conclusion

SSOAuthenticator now encodes password strings using UTF8 instead of default encoding.

Temporary fix

Test fix provided.

Comments
APAR is sysrouted FROM one or more of the following: PQ89840

APAR is sysrouted TO one or more of the following:

Modules/Macros

Publications Referenced
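
The encoding mismatch described in this APAR, reproduced with standard JDK classes as an added example (not IBM's code and not the WebSphere classes named above). The sample password, the class name PasswordEncodingDemo and the helpers decodeStrict and hex are constructed for illustration, and windows-1252 stands in for the Windows default code page; note that the JDK's own UTF-8 decoder substitutes U+FFFD for malformed bytes rather than truncating as reported above.

```java
import java.nio.ByteBuffer;
import java.nio.charset.CharacterCodingException;
import java.nio.charset.Charset;
import java.nio.charset.CodingErrorAction;
import java.nio.charset.StandardCharsets;

public class PasswordEncodingDemo {

    // Strict UTF-8 decode: rejects malformed input instead of silently altering it.
    static String decodeStrict(byte[] bytes) throws CharacterCodingException {
        return StandardCharsets.UTF_8.newDecoder()
                .onMalformedInput(CodingErrorAction.REPORT)
                .onUnmappableCharacter(CodingErrorAction.REPORT)
                .decode(ByteBuffer.wrap(bytes))
                .toString();
    }

    // Hex dump so the differing byte sequences are visible.
    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bytes) sb.append(String.format("%02x ", b & 0xff));
        return sb.toString().trim();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample password: "test" followed by a-, o- and u-umlaut.
        String password = "test\u00e4\u00f6\u00fc";
        Charset cp1252 = Charset.forName("windows-1252");

        // Before the fix: encode with the platform code page, decode as UTF-8.
        byte[] platformBytes = password.getBytes(cp1252);
        System.out.println("cp1252 bytes: " + hex(platformBytes));
        String lenient = new String(platformBytes, StandardCharsets.UTF_8);
        System.out.println("lenient decode matches original: " + lenient.equals(password));
        try {
            decodeStrict(platformBytes);
        } catch (CharacterCodingException e) {
            System.out.println("strict decode rejected the bytes: " + e);
        }

        // After the fix: both sides name UTF-8 explicitly, so the round trip is lossless.
        byte[] utf8Bytes = password.getBytes(StandardCharsets.UTF_8);
        System.out.println("UTF-8 bytes:  " + hex(utf8Bytes));
        System.out.println("UTF-8 round trip matches original: "
                + decodeStrict(utf8Bytes).equals(password));
    }
}
```

Decoding credentials with a strict decoder turns a silent mismatch into an explicit error that can be logged without recording the password itself.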
Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 00A
Software edition:
Reference #: PQ91656
IBM Group: Software Group
Modified date: Jul 19, 2004
(C) Copyright IBM Corporation 2000, 2008. All Rights Reserved.