You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2005/01/18 21:29:10 UTC
DO NOT REPLY [Bug 33157] New: -
basic authentication fails in some cases
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=33157>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=33157
Summary: basic authentication fails in some cases
Product: Tomcat 5
Version: 5.5.4
Platform: All
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: aktweb@msn.com
setup
- java 1.5.0.1
- tomcat 5.5.4
- UserDatabaseRealm
to cause failuer, using wget as my test client
- wget -O o --http-user=user --http-
passwd=pinotnoir "http://localhost:8080/myapp/myjsp.jsp"
- wget -O o --http-user=user --http-
passwd=pinotnoir1 "http://localhost:8080/myapp/myjsp.jsp"
- wget -O o --http-user=user --http-
passwd=pinotnoir "http://localhost:8080/myapp/myjsp.jsp"
by setting a breakpoint in RealmBase.authenticate, the username/credentials
strings show up as
- user/pinotnoir
- user/pinotnoir1
- user/pinotnoir1 <==== incorrect, should be pinotnoir
The issues seems to be in Base64.decode:
decodedDataCC.allocate(lastData - numberQuadruple, -1);
decodedDataCC.setEnd(lastData - numberQuadruple);
decodedData = decodedDataCC.getBuffer();
decodedDataCC.allocate(lastData - numberQuadruple, -1);
- allocate does not reallocate for the 3 test (pinotnoir) since the buffer was
already big enough from the previous request (pinotnoir1)
- setEnd sets an end flag
- getBuffer just gets the byte[], which is too big (pinotnoir1)
from there on, things are just messed up.
for a quicky, I have just hacked the CharChunk.allocate to remove the size
check:
public void allocate( int initial, int limit ) {
isOutput=true;
// if( buff==null || buff.length < initial ) {
buff=new char[initial];
// }
this.limit=limit;
start=0;
end=0;
isOutput=true;
isSet=true;
}
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org