You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Christian Andersson <ca...@ofs.no> on 2008/02/20 13:45:40 UTC
tomcat ldap authentication problem
Hi, we have setup Tomcat (6.0.10) to authenticate using form
authentication against openldap (2.3.27) with the jndirealm and
everything works alright except one little bit of a problem.
if the user name has national characters in it (åæø for norwegian) or
the password does, the user cannot authenticate .-(
for example if our user has a password of "hælge" the user cannot log
in, but if we change the password to "helge" he can log in.
all our html pages uses the utf-8 encoding, using slapcat and looking at
the content the data inside openldap seems to be using utf-8 (the output
from slapcat is at least utf-8,but I don't know if slapcat converts
anything)
We are also administrating the users from within our application (using
the standard javax.naming package) and from there we can search AND find
users with user names that have øæå in them so we know that ldap and
javax.naming can communicate and use national characters correctly..
looking at the logfile for ldap (when turning up the debug level) it
almost looks like jndirealm is using iso-8859-1 as encoding since in the
logfile all natinal characters comes out as garbage.
and as I said ALL pages in the system uses UTF-8 as encoding (including
the login page)
can anyone give me a hint on where to look next, I've searched for an
answer using google and in the mailinglist but either I'm nort searching
for the right thing, or I just cannot find it..
/Christian Andersson
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat ldap authentication problem
Posted by Christian Andersson <ca...@ofs.no>.
we have tried it with the following..
IE6 and 7 on windows
IE6 on linux (using ie4linux and wine)
Firefox 2.0.12 on windows and on linux
all behave the same..
all the tools we have to get information out from the ldap gives us the
username out in utf-8 correctly so for me it looks like it is stored in
utf-8 in ldap..
and since now all our system is configured for utf-8 it is strange that
this 1 part (the jndirealm) looks like it is using iso-8859-1 .-(
Antonio Petrelli skrev:
> 2008/2/20, Christian Andersson <ca...@ofs.no>:
>> all our html pages uses the utf-8 encoding, using slapcat and looking at
>> the content the data inside openldap seems to be using utf-8 (the output
>> from slapcat is at least utf-8,but I don't know if slapcat converts
>> anything)
>
> This might be a shot in the dark, but what client browser are you using?
> I've had some problems with IE7: though I tell him to use UTF-8, it
> posts the form in UTF-8 charset, but telling that it is using
> ISO-8859-1!
> Try it with Firefox, if you already didn't do it.
>
> Antonio
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat ldap authentication problem
Posted by Christian Andersson <ca...@ofs.no>.
ofcourse, it would be better, but unfourtunally it is not up to me to
enforce this policy, and we already have a lot of users with those
character in both username and/or password..
we had the system up and running before but after switching the website
over from ISO-8859-1 to UTF-8 it i sno longer working, the strange part
is though that with every tool I canuse to check what is in the ldap, it
say it is in utf-8
and we cannot go back o ISO-8859-1 either..
Andris Eiduks skrev:
> I think that better is for userID and passwords don't use national
> characters. In Latvia we time after time have similar problems ...
>
> Andris Eiduks
>
> On Fri, Feb 29, 2008 at 9:53 AM, Antonio Petrelli <
> antonio.petrelli@gmail.com> wrote:
>
>> 2008/2/20, Christian Andersson <ca...@ofs.no>:
>>> all our html pages uses the utf-8 encoding, using slapcat and looking
>> at
>>> the content the data inside openldap seems to be using utf-8 (the
>> output
>>> from slapcat is at least utf-8,but I don't know if slapcat converts
>>> anything)
>> This might be a shot in the dark, but what client browser are you using?
>> I've had some problems with IE7: though I tell him to use UTF-8, it
>> posts the form in UTF-8 charset, but telling that it is using
>> ISO-8859-1!
>> Try it with Firefox, if you already didn't do it.
>>
>> Antonio
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat ldap authentication problem
Posted by Andris Eiduks <ae...@gmail.com>.
I think that better is for userID and passwords don't use national
characters. In Latvia we time after time have similar problems ...
Andris Eiduks
On Fri, Feb 29, 2008 at 9:53 AM, Antonio Petrelli <
antonio.petrelli@gmail.com> wrote:
> 2008/2/20, Christian Andersson <ca...@ofs.no>:
> > all our html pages uses the utf-8 encoding, using slapcat and looking
> at
> > the content the data inside openldap seems to be using utf-8 (the
> output
> > from slapcat is at least utf-8,but I don't know if slapcat converts
> > anything)
>
> This might be a shot in the dark, but what client browser are you using?
> I've had some problems with IE7: though I tell him to use UTF-8, it
> posts the form in UTF-8 charset, but telling that it is using
> ISO-8859-1!
> Try it with Firefox, if you already didn't do it.
>
> Antonio
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: tomcat ldap authentication problem
Posted by Antonio Petrelli <an...@gmail.com>.
2008/2/20, Christian Andersson <ca...@ofs.no>:
> all our html pages uses the utf-8 encoding, using slapcat and looking at
> the content the data inside openldap seems to be using utf-8 (the output
> from slapcat is at least utf-8,but I don't know if slapcat converts
> anything)
This might be a shot in the dark, but what client browser are you using?
I've had some problems with IE7: though I tell him to use UTF-8, it
posts the form in UTF-8 charset, but telling that it is using
ISO-8859-1!
Try it with Firefox, if you already didn't do it.
Antonio
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat ldap authentication problem
Posted by Christian Andersson <ca...@ofs.no>.
anyone ?
Christian Andersson skrev:
> Hi, we have setup Tomcat (6.0.10) to authenticate using form
> authentication against openldap (2.3.27) with the jndirealm and
> everything works alright except one little bit of a problem.
>
> if the user name has national characters in it (åæø for norwegian) or
> the password does, the user cannot authenticate .-(
>
> for example if our user has a password of "hælge" the user cannot log
> in, but if we change the password to "helge" he can log in.
>
> all our html pages uses the utf-8 encoding, using slapcat and looking at
> the content the data inside openldap seems to be using utf-8 (the output
> from slapcat is at least utf-8,but I don't know if slapcat converts
> anything)
>
> We are also administrating the users from within our application (using
> the standard javax.naming package) and from there we can search AND find
> users with user names that have øæå in them so we know that ldap and
> javax.naming can communicate and use national characters correctly..
>
>
> looking at the logfile for ldap (when turning up the debug level) it
> almost looks like jndirealm is using iso-8859-1 as encoding since in the
> logfile all natinal characters comes out as garbage.
>
> and as I said ALL pages in the system uses UTF-8 as encoding (including
> the login page)
>
>
> can anyone give me a hint on where to look next, I've searched for an
> answer using google and in the mailinglist but either I'm nort searching
> for the right thing, or I just cannot find it..
>
> /Christian Andersson
>
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org