Uploaded image for project: 'Arquillian'
  1. Arquillian
  2. ARQ-630

The default charset is used to encode the HTTP BASIC AUTH credentials string into a sequence of bytes. ISO-8859-1 should be used for Tomcat

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: tomcat_1.0.0.CR3
    • Component/s: Tomcat Containers
    • Labels:
      None
    • Environment:

      Win 7 32-bit (Locale: en_IN, file.encoding = Cp1252), Apache Tomcat 7.0.14

    • Steps to Reproduce:
      Hide

      1. Create a user in Tomcat 7 with the manager-script role assigned to it. The credentials (username or password or both) should contain atleast one umlaut.
      e.g.:

      <user username="Schröder" password="script" roles="manager-script"/>
      

      2. The arquillian.xml file should specify the previously created user in the user and pass properties, and use the.
      e.g.:

      <property name="user">Schröder</property>
      <property name="pass">script</property>
      

      3. Use the workaround specified in SHRINKDESC-97 to allow Arquillian to read the UTF-8 encoded arquillian.xml.

      4. Run the arquillian-tomcat-managed-7 tests, targetted against the configured Tomcat installation. The tests fail with the following error:

      -------------------------------------------------------------------------------
      Test set: org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedClientTestCase
      -------------------------------------------------------------------------------
      Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 349.738 sec <<< FAILURE!
      org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedClientTestCase  Time elapsed: 0 sec  <<< ERROR!
      org.jboss.arquillian.container.spi.client.container.LifecycleException: Could not start container
      	at org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedContainer.start(TomcatManagedContainer.java:175)
      	at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$5.perform(ContainerLifecycleController.java:144)
      	at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$5.perform(ContainerLifecycleController.java:134)
      	at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.forContainer(ContainerLifecycleController.java:186)
      	at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.startContainer(ContainerLifecycleController.java:133)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
      	at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99)
      	at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81)
      	at org.jboss.arquillian.container.impl.client.ContainerDeploymentContextHandler.createContainerContext(ContainerDeploymentContextHandler.java:57)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
      	at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)
      	at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134)
      	at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:114)
      	at org.jboss.arquillian.core.impl.EventImpl.fire(EventImpl.java:67)
      	at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$2.perform(ContainerLifecycleController.java:83)
      	at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$2.perform(ContainerLifecycleController.java:76)
      	at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.forEachContainer(ContainerLifecycleController.java:179)
      	at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.startContainers(ContainerLifecycleController.java:75)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
      	at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99)
      	at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81)
      	at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134)
      	at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:114)
      	at org.jboss.arquillian.core.impl.EventImpl.fire(EventImpl.java:67)
      	at org.jboss.arquillian.container.test.impl.client.ContainerEventController.execute(ContainerEventController.java:83)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
      	at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99)
      	at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81)
      	at org.jboss.arquillian.test.impl.TestContextHandler.createSuiteContext(TestContextHandler.java:54)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
      	at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)
      	at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134)
      	at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:114)
      	at org.jboss.arquillian.test.impl.EventTestRunnerAdaptor.beforeSuite(EventTestRunnerAdaptor.java:68)
      	at org.jboss.arquillian.junit.Arquillian.run(Arquillian.java:76)
      	at org.apache.maven.surefire.junit4.JUnit4TestSet.execute(JUnit4TestSet.java:59)
      	at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTestSet(AbstractDirectoryTestSuite.java:115)
      	at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(AbstractDirectoryTestSuite.java:102)
      	at org.apache.maven.surefire.Surefire.run(Surefire.java:180)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(SurefireBooter.java:350)
      	at org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:1021)
      Caused by: org.jboss.arquillian.container.spi.ConfigurationException: Unable to connect to Tomcat manager. The server command (/text/list) failed with responseCode (401) and responseMessage (Unauthorized).
       
      Please make sure that you provided correct credentials to an user which is able to access Tomcat manager application.
      These credentials can be specified in the Arquillian container configuration as "user" and "pass" properties.
      The user must have appripriate role specified in tomcat-users.xml file.
       
      	at org.jboss.arquillian.container.tomcat.CommonTomcatManager.processResponse(CommonTomcatManager.java:244)
      	at org.jboss.arquillian.container.tomcat.CommonTomcatManager.execute(CommonTomcatManager.java:230)
      	at org.jboss.arquillian.container.tomcat.CommonTomcatManager.list(CommonTomcatManager.java:119)
      	at org.jboss.arquillian.container.tomcat.CommonTomcatManager.isRunning(CommonTomcatManager.java:126)
      	at org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedContainer.start(TomcatManagedContainer.java:162)
      	... 64 more
      

      Show
      1. Create a user in Tomcat 7 with the manager-script role assigned to it. The credentials (username or password or both) should contain atleast one umlaut. e.g.: < user username = "Schröder" password = "script" roles = "manager-script" /> 2. The arquillian.xml file should specify the previously created user in the user and pass properties, and use the. e.g.: < property name = "user" >Schröder</ property > < property name = "pass" >script</ property > 3. Use the workaround specified in SHRINKDESC-97 to allow Arquillian to read the UTF-8 encoded arquillian.xml. 4. Run the arquillian-tomcat-managed-7 tests, targetted against the configured Tomcat installation. The tests fail with the following error: ------------------------------------------------------------------------------- Test set: org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedClientTestCase ------------------------------------------------------------------------------- Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 349.738 sec <<< FAILURE! org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedClientTestCase Time elapsed: 0 sec <<< ERROR! org.jboss.arquillian.container.spi.client.container.LifecycleException: Could not start container at org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedContainer.start(TomcatManagedContainer.java:175) at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$5.perform(ContainerLifecycleController.java:144) at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$5.perform(ContainerLifecycleController.java:134) at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.forContainer(ContainerLifecycleController.java:186) at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.startContainer(ContainerLifecycleController.java:133) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81) at org.jboss.arquillian.container.impl.client.ContainerDeploymentContextHandler.createContainerContext(ContainerDeploymentContextHandler.java:57) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88) at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134) at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:114) at org.jboss.arquillian.core.impl.EventImpl.fire(EventImpl.java:67) at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$2.perform(ContainerLifecycleController.java:83) at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController$2.perform(ContainerLifecycleController.java:76) at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.forEachContainer(ContainerLifecycleController.java:179) at org.jboss.arquillian.container.impl.client.container.ContainerLifecycleController.startContainers(ContainerLifecycleController.java:75) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81) at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134) at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:114) at org.jboss.arquillian.core.impl.EventImpl.fire(EventImpl.java:67) at org.jboss.arquillian.container.test.impl.client.ContainerEventController.execute(ContainerEventController.java:83) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81) at org.jboss.arquillian.test.impl.TestContextHandler.createSuiteContext(TestContextHandler.java:54) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88) at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:134) at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:114) at org.jboss.arquillian.test.impl.EventTestRunnerAdaptor.beforeSuite(EventTestRunnerAdaptor.java:68) at org.jboss.arquillian.junit.Arquillian.run(Arquillian.java:76) at org.apache.maven.surefire.junit4.JUnit4TestSet.execute(JUnit4TestSet.java:59) at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTestSet(AbstractDirectoryTestSuite.java:115) at org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(AbstractDirectoryTestSuite.java:102) at org.apache.maven.surefire.Surefire.run(Surefire.java:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(SurefireBooter.java:350) at org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:1021) Caused by: org.jboss.arquillian.container.spi.ConfigurationException: Unable to connect to Tomcat manager. The server command (/text/list) failed with responseCode (401) and responseMessage (Unauthorized).   Please make sure that you provided correct credentials to an user which is able to access Tomcat manager application. These credentials can be specified in the Arquillian container configuration as "user" and "pass" properties. The user must have appripriate role specified in tomcat-users.xml file.   at org.jboss.arquillian.container.tomcat.CommonTomcatManager.processResponse(CommonTomcatManager.java:244) at org.jboss.arquillian.container.tomcat.CommonTomcatManager.execute(CommonTomcatManager.java:230) at org.jboss.arquillian.container.tomcat.CommonTomcatManager.list(CommonTomcatManager.java:119) at org.jboss.arquillian.container.tomcat.CommonTomcatManager.isRunning(CommonTomcatManager.java:126) at org.jboss.arquillian.container.tomcat.managed_7.TomcatManagedContainer.start(TomcatManagedContainer.java:162) ... 64 more

      Description

      Tomcat decodes the Authorization HTTP header containing the HTTP BASIC authentication credentials, using the ISO-8859-1 charset. On the contrary, Arquillian uses Charset.defaultCharset to encode the supplied credentials, before Base64 encoding the resulting byte array. This can result in a 401 error, when accessing the manager application on Tomcat; the failure will occur when the credentials contain characters that are encoded differently in ISO-8859-1 and the default charset of the environment. For example, if the default charset is UTF-8, then credentials containing ö will not be accepted by Tomcat as ö is encoded as 0xC3 0xB6 in UTF-8 and 0xF6 in ISO-8859-1.

      The suggested fix is to use ISO-8859-1 in CommonTomcatManager.constructHttpBasicAuthHeader() as listed:

            // Set up an authorization header with our credentials
            String credentials = configuration.getUser() + ":" + configuration.getPass();
            return "Basic "
                      + new String(Base64.encodeBase64(credentials.getBytes(Charset.forName("ISO-8859-1"))), Charset.defaultCharset());
      

      instead of the existing

            // Set up an authorization header with our credentials
            String credentials = configuration.getUser() + ":" + configuration.getPass();
            return "Basic "
                      + new String(Base64.encodeBase64(credentials.getBytes(Charset.defaultCharset())), Charset.defaultCharset());
      

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  vineet.reynolds Vineet Reynolds
                  Reporter:
                  vineet.reynolds Vineet Reynolds
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  0 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: