You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jspwiki.apache.org by "Harry Metske (Closed) (JIRA)" <ji...@apache.org> on 2011/09/28 21:30:46 UTC
[jira] [Closed] (JSPWIKI-217) Support for DBCS page names when using web container authorization

     [ https://issues.apache.org/jira/browse/JSPWIKI-217?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Harry Metske closed JSPWIKI-217.
--------------------------------

    Resolution: Invalid

no response from submitter.
                
> Support for DBCS page names when using web container authorization
> ------------------------------------------------------------------
>
>                 Key: JSPWIKI-217
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-217
>             Project: JSPWiki
>          Issue Type: Bug
>    Affects Versions: 2.6.0
>         Environment: Tomcat 5.5.26 with URIEncoding=utf-8 enabled using AJP
> JSPWiki 2.6.0 
>            Reporter: David Gao
>             Fix For: FutureVersion
>
>
> JSPWiki Configuration:
> * jspwiki.encoding = UTF-8
> * jspwiki.breakTitleWithSpaces = true
> * Web container authorization via LDAP (Sun One Directory Server)
> * Security constraint enabled in web.xml with default setting ( Users need to login first before editing or commenting)
> Recreation Scenario:
> DBCS String used for page name:  测试 (codepoint: U+6D4B U+8BD5, UTF-8 String: %E6%B5%8B%E8%AF%95) // I'm not sure if you can read Chinese characters in this mail)
> 1. Create & Savie a new page with the above string (U+6D4B U+8BD5) as the page name with a valid login
> 2. Logout JSPWiki after creating the page. Clear cookies.
> 3. Browse to the page and click on the Edit link. This will direct you to the login page
> 4. Login with a valid user name
> 5. The page name displayed in main area will change to "Æµ È" and page content becomes blank
> 6. Choose Cancel. And the page name in URL becomes "%C3%86%C2%B5%C3%88". Wiki prompts to create a new page.
> ------------------
> Security Constraint in web.xml
>   <security-constraint>
>       <web-resource-collection>
>           <web-resource-name>Authenticated area</web-resource-name>
>           <url-pattern>/Edit.jsp</url-pattern>
>           <url-pattern>/Comment.jsp</url-pattern>
>           <url-pattern>/Login.jsp</url-pattern>
>           <url-pattern>/NewGroup.jsp</url-pattern>
>           <url-pattern>/Rename.jsp</url-pattern>
>           <url-pattern>/Upload.jsp</url-pattern>
>           <http-method>DELETE</http-method>
>           <http-method>GET</http-method>
>           <http-method>HEAD</http-method>
>           <http-method>POST</http-method>
>           <http-method>PUT</http-method>
>       </web-resource-collection>
>       <web-resource-collection>
>           <web-resource-name>Read-only Area</web-resource-name>
>           <url-pattern>/attach</url-pattern>
>           <http-method>DELETE</http-method>
>           <http-method>POST</http-method>
>           <http-method>PUT</http-method>
>       </web-resource-collection>
>       <auth-constraint>
>           <role-name>tomcat-admin</role-name>
>           <role-name>LGE-SH</role-name>
>       </auth-constraint>
>      <!--
>       <user-data-constraint>
>           <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>       </user-data-constraint>
>       -->
>   </security-constraint>
>   <login-config>
>       <auth-method>FORM</auth-method>
>       <form-login-config>
>           <form-login-page>/LoginForm.jsp</form-login-page>
>           <form-error-page>/LoginForm.jsp</form-error-page>
>       </form-login-config>
>   </login-config>
>   <security-role>
>       <description>
>           This logical role includes all authenticated users
>       </description>
>       <role-name>LGE-SH</role-name>
>   </security-role>
>   <security-role>
>       <description>
>           This logical role includes all administrative users
>       </description>
>       <role-name>tomcat-admin</role-name>
>   </security-role> 
> Please log on to my environment to check the issue with this credential (tester/tester). I think this may be an issue of JSPWiki.
> http://vanceinfo-sh.vicp.net:8081/wiki/Wiki.jsp?page=%E6%B5%8B%E8%AF%95
> The page name becomes 3 question marks (???) in log entries:
> ------------------------------------------------------------------------------------------------------------------
> 2008-03-05 09:21:40,098 [ajp-8009-2] INFO JSPWiki Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Editing page ???. User=高建民, host=192.168.253.68
> 2008-03-05 09:21:40,098 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.PageManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Locked page ??? for 高建民
> 2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
> 2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
> 2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.render.RenderingManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Re-rendering and storing ???::-1
> 2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.providers.CachingAttachmentProvider Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Getting attachments for WikiPage [Knowledge Base:???,ver=-1,mod=null], name=高建民, version=-1 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira