[arquillian-issues] [JBoss JIRA] (ARQ-630) The default charset is used to encode the HTTP BASIC AUTH credentials string into a sequence of bytes. ISO-8859-1 should be used for Tomcat
Vineet Reynolds (Updated) (JIRA)
jira-events at lists.jboss.org
Sun Oct 16 03:11:45 EDT 2011
[ https://issues.jboss.org/browse/ARQ-630?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Vineet Reynolds updated ARQ-630:
--------------------------------
Steps to Reproduce:
1. Create a user in Tomcat 7 with the manager-script role assigned to it. The credentials (username or password or both) should contain atleast one umlaut.
e.g.:
{code:xml}
<user username="Schröder" password="script" roles="manager-script"/>
{code}
2. The arquillian.xml file should specify the previously created user in the {{user}} and {{pass}} properties, and use the.
e.g.:
{code:xml}
<property name="user">Schröder</property>
<property name="pass">script</property>
{code}
3. Use the workaround specified in [SHRINKDESC-97|https://issues.jboss.org/browse/SHRINKDESC-97] to allow Arquillian to read the UTF-8 encoded arquillian.xml.
4. Run the arquillian-tomcat-managed-7 tests, targetted against the configured Tomcat installation. The tests fail with the following error:
{noformat}
-------------------------------------------------------------------------------
Test set: org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedClientTestCase
-------------------------------------------------------------------------------
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 349.738 sec <<< FAILURE!
org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedClientTestCase Time elapsed: 0 sec <<< ERROR!
org.jboss.arquillian.container.spi.client.container.LifecycleException: Could not start container
at org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedContainer.start(TomcatManagedContainer.java:175)
at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$5.perform(ContainerLifecycleController.java:144)
at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$5.perform(ContainerLifecycleController.java:134)
at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.forContainer(ContainerLifecycleController.java:186)
at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.startContainer(ContainerLifecycleController.java:133)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99)
at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81)
at org.jboss.arquillian.container.impl.client.ContainerDeploymentContextHandler.createContainerContext(ContainerDeploymentContextHandler.java:57)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)
at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134)
at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:114)
at org.jboss.arquillian.core.impl.EventImpl.fire(EventImpl.java:67)
at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$2.perform(ContainerLifecycleController.java:83)
at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$2.perform(ContainerLifecycleController.java:76)
at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.forEachContainer(ContainerLifecycleController.java:179)
at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.startContainers(ContainerLifecycleController.java:75)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99)
at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81)
at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134)
at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:114)
at org.jboss.arquillian.core.impl.EventImpl.fire(EventImpl.java:67)
at org.jboss.arquillian.container.test.impl.client.ContainerEventController.execute(ContainerEventController.java:83)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99)
at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81)
at org.jboss.arquillian.test.impl.TestContextHandler.createSuiteContext(TestContextHandler.java:54)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)
at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134)
at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:114)
at org.jboss.arquillian.test.impl.EventTestRunnerAdaptor.beforeSuite(EventTestRunnerAdaptor.java:68)
at org.jboss.arquillian.junit.Arquillian.run(Arquillian.java:76)
at org.apache.maven.surefire.junit4.JUnit4TestSet.execute(JUnit4TestSet.java:59)
at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTestSet(AbstractDirectoryTestSuite.java:115)
at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(AbstractDirectoryTestSuite.java:102)
at org.apache.maven.surefire.Surefire.run(Surefire.java:180)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(SurefireBooter.java:350)
at org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:1021)
Caused by: org.jboss.arquillian.container.spi.ConfigurationException: Unable to connect to Tomcat manager. The server command (/text/list) failed with responseCode (401) and responseMessage (Unauthorized).
Please make sure that you provided correct credentials to an user which is able to access Tomcat manager application.
These credentials can be specified in the Arquillian container configuration as "user" and "pass" properties.
The user must have appripriate role specified in tomcat-users.xml file.
at org.jboss.arquillian.container.tomcat.CommonTomcatManager.processResponse(CommonTomcatManager.java:244)
at org.jboss.arquillian.container.tomcat.CommonTomcatManager.execute(CommonTomcatManager.java:230)
at org.jboss.arquillian.container.tomcat.CommonTomcatManager.list(CommonTomcatManager.java:119)
at org.jboss.arquillian.container.tomcat.CommonTomcatManager.isRunning(CommonTomcatManager.java:126)
at org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedContainer.start(TomcatManagedContainer.java:162)
... 64 more
{noformat}
Environment: Win 7 32-bit (Locale: en_IN, file.encoding = Cp1252), Apache Tomcat 7.0.14
Forum Reference: http://community.jboss.org/thread/173520?tstart=0
Added the steps to reproduce the bug.
> The default charset is used to encode the HTTP BASIC AUTH credentials string into a sequence of bytes. ISO-8859-1 should be used for Tomcat
> -------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: ARQ-630
> URL: https://issues.jboss.org/browse/ARQ-630
> Project: Arquillian
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Tomcat Containers
> Environment: Win 7 32-bit (Locale: en_IN, file.encoding = Cp1252), Apache Tomcat 7.0.14
> Reporter: Vineet Reynolds
> Assignee: Vineet Reynolds
>
> Tomcat decodes the Authorization HTTP header containing the HTTP BASIC authentication credentials, using the ISO-8859-1 charset. On the contrary, Arquillian uses {{Charset.defaultCharset}} to encode the supplied credentials, before Base64 encoding the resulting byte array. This can result in a 401 error, when accessing the manager application on Tomcat; the failure will occur when the credentials contain characters that are encoded differently in ISO-8859-1 and the default charset of the environment. For example, if the default charset is UTF-8, then credentials containing _ö_ will not be accepted by Tomcat as _ö_ is encoded as 0xC3 0xB6 in UTF-8 and 0xF6 in ISO-8859-1.
> The suggested fix is to use ISO-8859-1 in {{CommonTomcatManager.constructHttpBasicAuthHeader()}} as listed:
> {code:java}
> // Set up an authorization header with our credentials
> String credentials = configuration.getUser() + ":" + configuration.getPass();
> return "Basic "
> + new String(Base64.encodeBase64(credentials.getBytes(Charset.forName("ISO-8859-1"))), Charset.defaultCharset());
> {code}
> instead of the existing
> {code:java}
> // Set up an authorization header with our credentials
> String credentials = configuration.getUser() + ":" + configuration.getPass();
> return "Basic "
> + new String(Base64.encodeBase64(credentials.getBytes(Charset.defaultCharset())), Charset.defaultCharset());
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the arquillian-issues
mailing list