[jboss-jira] [JBoss JIRA] (WFLY-6823) Doesn't work using non-ASCII chars for username and/or password for BASIC authentication.
Jan Kalina (JIRA)
issues at jboss.org
Thu Oct 12 04:49:00 EDT 2017
[ https://issues.jboss.org/browse/WFLY-6823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13476190#comment-13476190 ]
Jan Kalina commented on WFLY-6823:
----------------------------------
Source for reference: https://github.com/undertow-io/undertow/blob/7a2a32d7d47ca584566b3f7d05a1389c5aa0e111/core/src/main/java/io/undertow/security/impl/BasicAuthenticationMechanism.java#L233
Just note, in Undertow (EAP) is this supported only by BASIC mechanism - not by DIGEST mechanism, so this would be new feature.
> Doesn't work using non-ASCII chars for username and/or password for BASIC authentication.
> -----------------------------------------------------------------------------------------
>
> Key: WFLY-6823
> URL: https://issues.jboss.org/browse/WFLY-6823
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Hynek Švábek
>
> Doesn't work using non-ASCII chars for username and/or password for BASIC authentication.
> We noticed it when we looked on JIra issue https://issues.jboss.org/browse/JBEAP-3603.
> We JBoss EAP 7 expects encoded UTF-8 strings in code. But we didn't find any information about it in specification.
> It works with Chrome and Opera, but it doesn't work with Firefox.
> Since there is no documentation for this username/password limitation it can affect customers who want to use non-ASCII credentials.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list