You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/12/07 17:14:12 UTC
[tomcat] 09/18: Fix codec
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit b8d9fbc7eb1ebbfd27616c8fa477f2c08862e6de
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Fri Dec 6 19:00:06 2019 +0000
Fix codec
---
.../catalina/authenticator/TestBasicAuthParser.java | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/test/org/apache/catalina/authenticator/TestBasicAuthParser.java b/test/org/apache/catalina/authenticator/TestBasicAuthParser.java
index cc480ff..9f918d2 100644
--- a/test/org/apache/catalina/authenticator/TestBasicAuthParser.java
+++ b/test/org/apache/catalina/authenticator/TestBasicAuthParser.java
@@ -362,26 +362,23 @@ public class TestBasicAuthParser {
/*
* invalid base64 string tests
*
- * Refer to RFC2045 section 6.8.
+ * Refer to
+ * - RFC 7617 (Basic Auth)
+ * - RFC 4648 (base 64)
*/
/*
- * non-trailing "=" should trigger premature termination of the
- * decoder, returning a truncated string that will eventually
- * result in an authentication Assert.failure.
+ * non-trailing "=" is illegal and will be rejected by the parser
*/
- @Test
+ @Test(expected = IllegalArgumentException.class)
public void testBadBase64InlineEquals() throws Exception {
final String BASE64_CRIB = "dXNlcmlkOnNlY3J=dAo=";
- final String TRUNCATED_PWD = "secr";
final BasicAuthHeader AUTH_HEADER =
new BasicAuthHeader(NICE_METHOD, BASE64_CRIB);
+ @SuppressWarnings("unused") // Exception will be thrown.
BasicAuthenticator.BasicCredentials credentials =
new BasicAuthenticator.BasicCredentials(
AUTH_HEADER.getHeader(), StandardCharsets.UTF_8, true);
- Assert.assertEquals(USER_NAME, credentials.getUsername());
- Assert.assertNotSame(PASSWORD, credentials.getPassword());
- Assert.assertEquals(TRUNCATED_PWD, credentials.getPassword());
}
/*
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org