You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jspwiki.apache.org by "David Gao (JIRA)" <ji...@apache.org> on 2008/03/19 15:28:24 UTC
[jira] Created: (JSPWIKI-217) Support for DBCS page names when
using web container authorization
Support for DBCS page names when using web container authorization
------------------------------------------------------------------
Key: JSPWIKI-217
URL: https://issues.apache.org/jira/browse/JSPWIKI-217
Project: JSPWiki
Issue Type: Bug
Affects Versions: 2.6.0
Environment: Tomcat 5.5.26 with URIEncoding=utf-8 enabled using AJP
JSPWiki 2.6.0
Reporter: David Gao
JSPWiki Configuration:
* jspwiki.encoding = UTF-8
* jspwiki.breakTitleWithSpaces = true
* Web container authorization via LDAP (Sun One Directory Server)
* Security constraint enabled in web.xml with default setting ( Users need to login first before editing or commenting)
Recreation Scenario:
DBCS String used for page name: 测试 (codepoint: U+6D4B U+8BD5, UTF-8 String: %E6%B5%8B%E8%AF%95) // I'm not sure if you can read Chinese characters in this mail)
1. Create & Savie a new page with the above string (U+6D4B U+8BD5) as the page name with a valid login
2. Logout JSPWiki after creating the page. Clear cookies.
3. Browse to the page and click on the Edit link. This will direct you to the login page
4. Login with a valid user name
5. The page name displayed in main area will change to "Ƶ È" and page content becomes blank
6. Choose Cancel. And the page name in URL becomes "%C3%86%C2%B5%C3%88". Wiki prompts to create a new page.
------------------
Security Constraint in web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Authenticated area</web-resource-name>
<url-pattern>/Edit.jsp</url-pattern>
<url-pattern>/Comment.jsp</url-pattern>
<url-pattern>/Login.jsp</url-pattern>
<url-pattern>/NewGroup.jsp</url-pattern>
<url-pattern>/Rename.jsp</url-pattern>
<url-pattern>/Upload.jsp</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>HEAD</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<web-resource-collection>
<web-resource-name>Read-only Area</web-resource-name>
<url-pattern>/attach</url-pattern>
<http-method>DELETE</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>tomcat-admin</role-name>
<role-name>LGE-SH</role-name>
</auth-constraint>
<!--
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
-->
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/LoginForm.jsp</form-login-page>
<form-error-page>/LoginForm.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>
This logical role includes all authenticated users
</description>
<role-name>LGE-SH</role-name>
</security-role>
<security-role>
<description>
This logical role includes all administrative users
</description>
<role-name>tomcat-admin</role-name>
</security-role>
Please log on to my environment to check the issue with this credential (tester/tester). I think this may be an issue of JSPWiki.
http://vanceinfo-sh.vicp.net:8081/wiki/Wiki.jsp?page=%E6%B5%8B%E8%AF%95
The page name becomes 3 question marks (???) in log entries:
------------------------------------------------------------------------------------------------------------------
2008-03-05 09:21:40,098 [ajp-8009-2] INFO JSPWiki Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Editing page ???. User=高建民, host=192.168.253.68
2008-03-05 09:21:40,098 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.PageManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Locked page ??? for 高建民
2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.render.RenderingManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Re-rendering and storing ???::-1
2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.providers.CachingAttachmentProvider Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Getting attachments for WikiPage [Knowledge Base:???,ver=-1,mod=null], name=高建民, version=-1
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (JSPWIKI-217) Support for DBCS page names when
using web container authorization
Posted by "Janne Jalkanen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/JSPWIKI-217?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12580475#action_12580475 ]
Janne Jalkanen commented on JSPWIKI-217:
----------------------------------------
Appears to work well with custom authentication, so my guess is that this is a problem with the servlet container. Maybe you need to add URIEncoding=UTF8 also to some other Connectors?
> Support for DBCS page names when using web container authorization
> ------------------------------------------------------------------
>
> Key: JSPWIKI-217
> URL: https://issues.apache.org/jira/browse/JSPWIKI-217
> Project: JSPWiki
> Issue Type: Bug
> Affects Versions: 2.6.0
> Environment: Tomcat 5.5.26 with URIEncoding=utf-8 enabled using AJP
> JSPWiki 2.6.0
> Reporter: David Gao
>
> JSPWiki Configuration:
> * jspwiki.encoding = UTF-8
> * jspwiki.breakTitleWithSpaces = true
> * Web container authorization via LDAP (Sun One Directory Server)
> * Security constraint enabled in web.xml with default setting ( Users need to login first before editing or commenting)
> Recreation Scenario:
> DBCS String used for page name: 测试 (codepoint: U+6D4B U+8BD5, UTF-8 String: %E6%B5%8B%E8%AF%95) // I'm not sure if you can read Chinese characters in this mail)
> 1. Create & Savie a new page with the above string (U+6D4B U+8BD5) as the page name with a valid login
> 2. Logout JSPWiki after creating the page. Clear cookies.
> 3. Browse to the page and click on the Edit link. This will direct you to the login page
> 4. Login with a valid user name
> 5. The page name displayed in main area will change to "Ƶ È" and page content becomes blank
> 6. Choose Cancel. And the page name in URL becomes "%C3%86%C2%B5%C3%88". Wiki prompts to create a new page.
> ------------------
> Security Constraint in web.xml
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Authenticated area</web-resource-name>
> <url-pattern>/Edit.jsp</url-pattern>
> <url-pattern>/Comment.jsp</url-pattern>
> <url-pattern>/Login.jsp</url-pattern>
> <url-pattern>/NewGroup.jsp</url-pattern>
> <url-pattern>/Rename.jsp</url-pattern>
> <url-pattern>/Upload.jsp</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>GET</http-method>
> <http-method>HEAD</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
> <web-resource-collection>
> <web-resource-name>Read-only Area</web-resource-name>
> <url-pattern>/attach</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>tomcat-admin</role-name>
> <role-name>LGE-SH</role-name>
> </auth-constraint>
> <!--
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> -->
> </security-constraint>
> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/LoginForm.jsp</form-login-page>
> <form-error-page>/LoginForm.jsp</form-error-page>
> </form-login-config>
> </login-config>
> <security-role>
> <description>
> This logical role includes all authenticated users
> </description>
> <role-name>LGE-SH</role-name>
> </security-role>
> <security-role>
> <description>
> This logical role includes all administrative users
> </description>
> <role-name>tomcat-admin</role-name>
> </security-role>
> Please log on to my environment to check the issue with this credential (tester/tester). I think this may be an issue of JSPWiki.
> http://vanceinfo-sh.vicp.net:8081/wiki/Wiki.jsp?page=%E6%B5%8B%E8%AF%95
> The page name becomes 3 question marks (???) in log entries:
> ------------------------------------------------------------------------------------------------------------------
> 2008-03-05 09:21:40,098 [ajp-8009-2] INFO JSPWiki Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Editing page ???. User=高建民, host=192.168.253.68
> 2008-03-05 09:21:40,098 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.PageManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Locked page ??? for 高建民
> 2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
> 2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
> 2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.render.RenderingManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Re-rendering and storing ???::-1
> 2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.providers.CachingAttachmentProvider Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Getting attachments for WikiPage [Knowledge Base:???,ver=-1,mod=null], name=高建民, version=-1
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (JSPWIKI-217) Support for DBCS page names when
using web container authorization
Posted by "Janne Jalkanen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/JSPWIKI-217?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12580476#action_12580476 ]
Janne Jalkanen commented on JSPWIKI-217:
----------------------------------------
Oh yeah, my *guess* is that Tomcat does some internal redirection when it uses container authentication, and *that* loses the URI encoding.
> Support for DBCS page names when using web container authorization
> ------------------------------------------------------------------
>
> Key: JSPWIKI-217
> URL: https://issues.apache.org/jira/browse/JSPWIKI-217
> Project: JSPWiki
> Issue Type: Bug
> Affects Versions: 2.6.0
> Environment: Tomcat 5.5.26 with URIEncoding=utf-8 enabled using AJP
> JSPWiki 2.6.0
> Reporter: David Gao
>
> JSPWiki Configuration:
> * jspwiki.encoding = UTF-8
> * jspwiki.breakTitleWithSpaces = true
> * Web container authorization via LDAP (Sun One Directory Server)
> * Security constraint enabled in web.xml with default setting ( Users need to login first before editing or commenting)
> Recreation Scenario:
> DBCS String used for page name: 测试 (codepoint: U+6D4B U+8BD5, UTF-8 String: %E6%B5%8B%E8%AF%95) // I'm not sure if you can read Chinese characters in this mail)
> 1. Create & Savie a new page with the above string (U+6D4B U+8BD5) as the page name with a valid login
> 2. Logout JSPWiki after creating the page. Clear cookies.
> 3. Browse to the page and click on the Edit link. This will direct you to the login page
> 4. Login with a valid user name
> 5. The page name displayed in main area will change to "Ƶ È" and page content becomes blank
> 6. Choose Cancel. And the page name in URL becomes "%C3%86%C2%B5%C3%88". Wiki prompts to create a new page.
> ------------------
> Security Constraint in web.xml
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Authenticated area</web-resource-name>
> <url-pattern>/Edit.jsp</url-pattern>
> <url-pattern>/Comment.jsp</url-pattern>
> <url-pattern>/Login.jsp</url-pattern>
> <url-pattern>/NewGroup.jsp</url-pattern>
> <url-pattern>/Rename.jsp</url-pattern>
> <url-pattern>/Upload.jsp</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>GET</http-method>
> <http-method>HEAD</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
> <web-resource-collection>
> <web-resource-name>Read-only Area</web-resource-name>
> <url-pattern>/attach</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>tomcat-admin</role-name>
> <role-name>LGE-SH</role-name>
> </auth-constraint>
> <!--
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> -->
> </security-constraint>
> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/LoginForm.jsp</form-login-page>
> <form-error-page>/LoginForm.jsp</form-error-page>
> </form-login-config>
> </login-config>
> <security-role>
> <description>
> This logical role includes all authenticated users
> </description>
> <role-name>LGE-SH</role-name>
> </security-role>
> <security-role>
> <description>
> This logical role includes all administrative users
> </description>
> <role-name>tomcat-admin</role-name>
> </security-role>
> Please log on to my environment to check the issue with this credential (tester/tester). I think this may be an issue of JSPWiki.
> http://vanceinfo-sh.vicp.net:8081/wiki/Wiki.jsp?page=%E6%B5%8B%E8%AF%95
> The page name becomes 3 question marks (???) in log entries:
> ------------------------------------------------------------------------------------------------------------------
> 2008-03-05 09:21:40,098 [ajp-8009-2] INFO JSPWiki Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Editing page ???. User=高建民, host=192.168.253.68
> 2008-03-05 09:21:40,098 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.PageManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Locked page ??? for 高建民
> 2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
> 2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
> 2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.render.RenderingManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Re-rendering and storing ???::-1
> 2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.providers.CachingAttachmentProvider Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Getting attachments for WikiPage [Knowledge Base:???,ver=-1,mod=null], name=高建民, version=-1
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (JSPWIKI-217) Support for DBCS page names when
using web container authorization
Posted by "Janne Jalkanen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/JSPWIKI-217?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12588250#action_12588250 ]
Janne Jalkanen commented on JSPWIKI-217:
----------------------------------------
Is there any new info with respect to this?
> Support for DBCS page names when using web container authorization
> ------------------------------------------------------------------
>
> Key: JSPWIKI-217
> URL: https://issues.apache.org/jira/browse/JSPWIKI-217
> Project: JSPWiki
> Issue Type: Bug
> Affects Versions: 2.6.0
> Environment: Tomcat 5.5.26 with URIEncoding=utf-8 enabled using AJP
> JSPWiki 2.6.0
> Reporter: David Gao
>
> JSPWiki Configuration:
> * jspwiki.encoding = UTF-8
> * jspwiki.breakTitleWithSpaces = true
> * Web container authorization via LDAP (Sun One Directory Server)
> * Security constraint enabled in web.xml with default setting ( Users need to login first before editing or commenting)
> Recreation Scenario:
> DBCS String used for page name: 测试 (codepoint: U+6D4B U+8BD5, UTF-8 String: %E6%B5%8B%E8%AF%95) // I'm not sure if you can read Chinese characters in this mail)
> 1. Create & Savie a new page with the above string (U+6D4B U+8BD5) as the page name with a valid login
> 2. Logout JSPWiki after creating the page. Clear cookies.
> 3. Browse to the page and click on the Edit link. This will direct you to the login page
> 4. Login with a valid user name
> 5. The page name displayed in main area will change to "Ƶ È" and page content becomes blank
> 6. Choose Cancel. And the page name in URL becomes "%C3%86%C2%B5%C3%88". Wiki prompts to create a new page.
> ------------------
> Security Constraint in web.xml
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Authenticated area</web-resource-name>
> <url-pattern>/Edit.jsp</url-pattern>
> <url-pattern>/Comment.jsp</url-pattern>
> <url-pattern>/Login.jsp</url-pattern>
> <url-pattern>/NewGroup.jsp</url-pattern>
> <url-pattern>/Rename.jsp</url-pattern>
> <url-pattern>/Upload.jsp</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>GET</http-method>
> <http-method>HEAD</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
> <web-resource-collection>
> <web-resource-name>Read-only Area</web-resource-name>
> <url-pattern>/attach</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>tomcat-admin</role-name>
> <role-name>LGE-SH</role-name>
> </auth-constraint>
> <!--
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> -->
> </security-constraint>
> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/LoginForm.jsp</form-login-page>
> <form-error-page>/LoginForm.jsp</form-error-page>
> </form-login-config>
> </login-config>
> <security-role>
> <description>
> This logical role includes all authenticated users
> </description>
> <role-name>LGE-SH</role-name>
> </security-role>
> <security-role>
> <description>
> This logical role includes all administrative users
> </description>
> <role-name>tomcat-admin</role-name>
> </security-role>
> Please log on to my environment to check the issue with this credential (tester/tester). I think this may be an issue of JSPWiki.
> http://vanceinfo-sh.vicp.net:8081/wiki/Wiki.jsp?page=%E6%B5%8B%E8%AF%95
> The page name becomes 3 question marks (???) in log entries:
> ------------------------------------------------------------------------------------------------------------------
> 2008-03-05 09:21:40,098 [ajp-8009-2] INFO JSPWiki Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Editing page ???. User=高建民, host=192.168.253.68
> 2008-03-05 09:21:40,098 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.PageManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Locked page ??? for 高建民
> 2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
> 2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
> 2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.render.RenderingManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Re-rendering and storing ???::-1
> 2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.providers.CachingAttachmentProvider Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Getting attachments for WikiPage [Knowledge Base:???,ver=-1,mod=null], name=高建民, version=-1
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (JSPWIKI-217) Support for DBCS page names when
using web container authorization
Posted by "Harry Metske (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/JSPWIKI-217?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Harry Metske updated JSPWIKI-217:
---------------------------------
Fix Version/s: FutureVersion
> Support for DBCS page names when using web container authorization
> ------------------------------------------------------------------
>
> Key: JSPWIKI-217
> URL: https://issues.apache.org/jira/browse/JSPWIKI-217
> Project: JSPWiki
> Issue Type: Bug
> Affects Versions: 2.6.0
> Environment: Tomcat 5.5.26 with URIEncoding=utf-8 enabled using AJP
> JSPWiki 2.6.0
> Reporter: David Gao
> Fix For: FutureVersion
>
>
> JSPWiki Configuration:
> * jspwiki.encoding = UTF-8
> * jspwiki.breakTitleWithSpaces = true
> * Web container authorization via LDAP (Sun One Directory Server)
> * Security constraint enabled in web.xml with default setting ( Users need to login first before editing or commenting)
> Recreation Scenario:
> DBCS String used for page name: 测试 (codepoint: U+6D4B U+8BD5, UTF-8 String: %E6%B5%8B%E8%AF%95) // I'm not sure if you can read Chinese characters in this mail)
> 1. Create & Savie a new page with the above string (U+6D4B U+8BD5) as the page name with a valid login
> 2. Logout JSPWiki after creating the page. Clear cookies.
> 3. Browse to the page and click on the Edit link. This will direct you to the login page
> 4. Login with a valid user name
> 5. The page name displayed in main area will change to "Ƶ È" and page content becomes blank
> 6. Choose Cancel. And the page name in URL becomes "%C3%86%C2%B5%C3%88". Wiki prompts to create a new page.
> ------------------
> Security Constraint in web.xml
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Authenticated area</web-resource-name>
> <url-pattern>/Edit.jsp</url-pattern>
> <url-pattern>/Comment.jsp</url-pattern>
> <url-pattern>/Login.jsp</url-pattern>
> <url-pattern>/NewGroup.jsp</url-pattern>
> <url-pattern>/Rename.jsp</url-pattern>
> <url-pattern>/Upload.jsp</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>GET</http-method>
> <http-method>HEAD</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
> <web-resource-collection>
> <web-resource-name>Read-only Area</web-resource-name>
> <url-pattern>/attach</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>tomcat-admin</role-name>
> <role-name>LGE-SH</role-name>
> </auth-constraint>
> <!--
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> -->
> </security-constraint>
> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/LoginForm.jsp</form-login-page>
> <form-error-page>/LoginForm.jsp</form-error-page>
> </form-login-config>
> </login-config>
> <security-role>
> <description>
> This logical role includes all authenticated users
> </description>
> <role-name>LGE-SH</role-name>
> </security-role>
> <security-role>
> <description>
> This logical role includes all administrative users
> </description>
> <role-name>tomcat-admin</role-name>
> </security-role>
> Please log on to my environment to check the issue with this credential (tester/tester). I think this may be an issue of JSPWiki.
> http://vanceinfo-sh.vicp.net:8081/wiki/Wiki.jsp?page=%E6%B5%8B%E8%AF%95
> The page name becomes 3 question marks (???) in log entries:
> ------------------------------------------------------------------------------------------------------------------
> 2008-03-05 09:21:40,098 [ajp-8009-2] INFO JSPWiki Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Editing page ???. User=高建民, host=192.168.253.68
> 2008-03-05 09:21:40,098 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.PageManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Locked page ??? for 高建民
> 2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
> 2008-03-05 09:21:40,129 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.auth.SessionMonitor Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Looking up WikiSession for session ID=84941ECC59FDEEEECB06385D30641E22... found it
> 2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.render.RenderingManager Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Re-rendering and storing ???::-1
> 2008-03-05 09:21:40,145 [ajp-8009-2] DEBUG com.ecyrd.jspwiki.providers.CachingAttachmentProvider Knowledge Base:/wiki/Edit.jsp Knowledge Base:http://192.168.253.200/wiki/Edit.jsp - Getting attachments for WikiPage [Knowledge Base:???,ver=-1,mod=null], name=高建民, version=-1
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.