You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2007/01/25 19:07:53 UTC
DO NOT REPLY [Bug 41467] New: - the $ character is being removed from
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41467>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41467
Summary: the $ character is being removed from
<ResourceParams><parameter><value>
Product: Tomcat 5
Version: 5.0.28
Platform: All
OS/Version: other
Status: NEW
Severity: normal
Priority: P1
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: mjremijan@yahoo.com
I ran into an interesting bug. The password for my database was recently
changed and the password contains the '$' character. When I updated server.xml
and started Tomcat I got invalid username/password errors. I dug into the
problem a little deeper and found that if I set the password value to
be "abc$123" then when the value got down to the Oracle driver it would
be "abc123" with the $ character removed.
<ResourceParams name="jdbc/agcc_iis">
<parameter>
<name>password</name>
<value>abc$123</value>
</parameter>
</ResourceParams>
Digging deeper I found the source of the problem to be the
org.apache.tomcat.util.IntrospectionUtils class, specifically the method:
public static String replaceProperties(String value, Hashtable staticProp,
PropertySource dynamicProp[] ) { ... }
I guessing that if this method does not find something of the pattern ${...}
then it tries to put the string back together again but it's not putting it
back together again properly because I loose my '$'. Plus I don't see anything
in the code which would allow me to escape the processing.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 41467] - the $ character is being removed from
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41467>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41467
------- Additional Comments From asf-bugzilla@richardfearn.co.uk 2007-03-13 14:39 -------
Created an attachment (id=19705)
--> (http://issues.apache.org/bugzilla/attachment.cgi?id=19705&action=view)
Test to see whether IntrospectionUtils removes '$'
Needs to be run with TOMCAT/server/lib/tomcat-util.jar on the classpath.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 41467] - the $ character is being removed from
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41467>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41467
markt@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
------- Additional Comments From markt@apache.org 2007-03-13 21:39 -------
There has been little to no development on the 5.0.x branch for some time.
Realistically, this isn't going to get fixed in this branch.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 41467] - the $ character is being removed from
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41467>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41467
asf-bugzilla@richardfearn.co.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |asf-
| |bugzilla@richardfearn.co.uk
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 41467] - the $ character is being removed from
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41467>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41467
------- Additional Comments From asf-bugzilla@richardfearn.co.uk 2007-03-13 14:50 -------
> This is the same problem as reported in bug 32719. That bug was reported
> against 5.5.4, and has been fixed since 5.5.7 (January 2004). The fix was
> made here:
Oops - Tomcat 5.5.7 was released in January 2005, not 2004 :-)
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 41467] - the $ character is being removed from
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41467>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41467
------- Additional Comments From asf-bugzilla@richardfearn.co.uk 2007-03-13 14:37 -------
This is the same problem as reported in bug 32719. That bug was reported against
5.5.4, and has been fixed since 5.5.7 (January 2004). The fix was made here:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/util/java/org/apache/tomcat/util/IntrospectionUtils.java?r1=299808&r2=300044&diff_format=h
Are you unable to upgrade to 5.5?
I'll attach a simple test case anyway. It needs to be run with
TOMCAT/server/lib/tomcat-util.jar on the classpath. For 5.0.28 and 5.0.30, the
'$' is removed. For 5.5.23 it isn't removed.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org