LoginContext.SecureCallbackHandler not UTF-8 friendly

I am using JAAS with JDK 1.4

In my login page, if I enter a user name in East Asian characters, or other non-regular letters, like ? and when I debug my code:

Callback[] callbacks = new Callback[] { new NameCallback("Username: "), new PasswordCallback("Password: ", false) };

callbackHandler.handle(callbacks);

username = ((NameCallback) callbacks[0]).getName();

I would see that the username variable here contains screwed characters. And the callbackHandler is an instance of javax.security.auth.login.LoginContext.SecureCallbackHandler.

I heard a workaround to get the bytes from the screwed username above, and use those bytes to reconstruct a string UTF-8 encoded. But I am afraid that in the future if this issue is fixed by javax..., I would double encode it.

Any suggestions/ideas?

Thanks!

[853 byte] By [Jay_yana] at [2007-10-3 0:26:49]

«« jstl EL functions
»» Interfaces

# 1

Encoding Hell ! ...What's result of your System Property "file.encoding"?

Rulasa at 2007-7-14 17:19:25 >

top of Java-index,Security,Other Security APIs, Tools, and Issues...

# 2

That's a bug of Jetspeed/Tomcat . They will include the fix in the next release. http://issues.apache.org/jira/browse/JS2-555

Jay_yana at 2007-7-14 17:19:25 >

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

LoginContext.SecureCallbackHandler not UTF-8 friendly

Security New Topic

Security Hot Topic

Security

All Classified