You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hc.apache.org by "Oleg Kalnichevski (JIRA)" <ji...@apache.org> on 2014/07/15 17:10:05 UTC

[jira] [Resolved] (HTTPCLIENT-1528) UTF-8 characters in user names not supported in Basic Authentication

     [ https://issues.apache.org/jira/browse/HTTPCLIENT-1528?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Oleg Kalnichevski resolved HTTPCLIENT-1528.
-------------------------------------------

    Resolution: Invalid

Non-ASCII characters in Basic auth credentials are illegal. If you still want to force HttpClient to use a different charset for auth credentials you need configure it with 'http.auth.credential-charset' parameter in 4.2 or by using a custom instance of BasicSchemeFactory in 4.3.

Oleg

> UTF-8 characters in user names not supported in Basic Authentication
> --------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1528
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1528
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpAuth
>    Affects Versions: 4.2.6
>            Reporter: Christoph Pohl
>
> If you try to use UTF-8 characters like the Euro sign ("€") in user names, httpclient does not compose the correct Base64-encoded basic authentication header. Suppose the following piece of code:
> 		CredentialsProvider credsProvider = new BasicCredentialsProvider();
> 		credsProvider.setCredentials(new AuthScope(post, port), new UsernamePasswordCredentials("€uro", "Admin1234"));
> 		httpClient = new DefaultHttpClient(new ThreadSafeClientConnManager());
> 		httpClient.setCredentialsProvider(credsProvider);
> ...which results an Authentication header "Basic P1VSTzpBZG1pbjEyMzQ=" (equals to decoded "?URO:Admin1234"). However, browsers like Google Chrome correctly encode "Basic 4oKsdXJvOkFkbWluMTIzNA==" (equals to decoded "€uro:Admin1234").
> Sorry if this bug has been reported already.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org