Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use UTF-8 encoding for client basic auth if requested #5845

Closed
mperktold opened this issue Dec 28, 2020 · 2 comments · Fixed by #5847
Closed

Use UTF-8 encoding for client basic auth if requested #5845

mperktold opened this issue Dec 28, 2020 · 2 comments · Fixed by #5847
Projects
Jetty 9.4.36

Comments

@mperktold
Copy link

Jetty version: 9.4.35.v20201120
Java version: AdoptOpenJDK 11.0.9
OS type/version: Windows 10 64 bit

Description
When using the HttpClient with basic authentication, Jetty always encodes the credentials using ISO 8859:
https://github.com/eclipse/jetty.project/blob/cbdfaaa335904a7ecc2a7b20208de00f798a5e04/jetty-client/src/main/java/org/eclipse/jetty/client/util/BasicAuthentication.java#L89

While this is fine for a default charset, servers can use a special charset parameter of the WWW-Authenticate header to tell the client to encode the credentials using UTF-8, as specified here: https://tools.ietf.org/html/rfc7617#section-2.1

For being able to connect to servers that expect UTF-8, Jetty should honor the charset parameter.
Additionally, it should be possible to specify UTF-8 encoding when authenticating preemptively, e.g. by passing a Charset to the constructor of BasicResult.
sbordet added a commit that referenced this issue Dec 29, 2020
@sbordet
Fixes #5845 - Use UTF-8 encoding for client basic auth if requested.
f4caf07 
* Introduced get/setCharset in BasicAuthenticator on server-side.
* Looking for the "charset" parameter on the client-side, and if there, use it.
* Added test case.
* Code cleanups.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
@sbordet sbordet linked a pull request Dec 29, 2020 that will close this issue
Fixes #5845 - Use UTF-8 encoding for client basic auth if requested. #5847
Merged
@sbordet
Copy link
Contributor

sbordet commented Dec 29, 2020

@mperktold can you try branch jetty-9.4.x-5845-basic_auth_charset to see if it works for you?

@mperktold
Copy link
Author

@sbordet works fine, thanks! 👍

sbordet added a commit that referenced this issue Dec 30, 2020
@sbordet
Fixes #5845 - Use UTF-8 encoding for client basic auth if requested.
655c2e3 
Don't use unicode sequences to please CheckStyle.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
sbordet added a commit that referenced this issue Dec 30, 2020
@sbordet
Fixes #5845 - Use UTF-8 encoding for client basic auth if requested.
6535f2d 
Disable CheckStyle check so that the unicode sequence in the test matches that in realm.properties.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
@sbordet sbordet added this to To do in Jetty 9.4.36 via automation Dec 30, 2020
Jetty 9.4.36 automation moved this from To do to Done Jan 12, 2021
This was referenced Mar 10, 2021
Open
Open
Open
Open
Closed
Open
Open
Open
Closed
Open
Closed
Closed
Closed
Open
Open
Closed
Closed
Closed
Closed
Closed
This was referenced Mar 10, 2021
Merged
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Merged
Closed
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
No open projects
Jetty 9.4.36
Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixes #5845 - Use UTF-8 encoding for client basic auth if requested. jetty/jetty.project
2 participants
@sbordet @mperktold