cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

JAAS login module - does SAP's HttpCallbackHandlerImpl support UTF-8?

Former Member

on ‎04-13-2006 6:27 AM

0 Kudos

hello all,

i am running netweaver 2004 sp14 j2ee engine on windows 2003 using oracle db. i have a servlet-based web application that has its own user authentication scheme and uses a form-based login screen. i create a jaas login module, add it to the ume user store and configure it for my web app. mostly it works fine.

now i am facing a problem when the user id contains non-ascii characters, such as "Tomcôté_ça1". i am very sure it is a valid user in my web app and the same user id works fine on Weblogic. when i add this user to j2ee UME via Visual Admin tool and the Administrator group, i can login with this id to the UserAdmin web page too (http://host:50000/useradmin). so the user id itself is ok and from browser to j2ee engine there is no data corruption. i've set up my IE browser to always send URLs in UTF-8.

i debugged in my login module code and found something interesting. by the time my code gets the user id from the callback handler, the id is already corrupted, all the French characters are garbage now. so i looked at some of the sap data structures in the Eclipse debugger.

in my login module, when method, public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options), is first invoked, the CallbackHandler passed in is of type: "com.sap.engine.services.servlets_jsp.server.security.HttpCallbackHandlerImpl".

this object has one data member named "clientInfo" of type "com.sap.engine.services.servlets_jsp.server.security.HttpRequestClientInfoImpl". and this object has a data member named "characterEncoding", whose value is "ISO-8859-1".

i think the encoding NOT being UTF-8 is the cause of my problem. the question is, is there any way for me to set it to UTF-8? perhaps not in the login module code, because it would have been too late by then since the user id and password were already read and parsed from the http request.

so it sounds like somewhere in the j2ee engine configuration, i should be able to set character encoding to always be UTF-8? but where? i've done certain amount of searching in the service marketplace (oss notes), sap online help site and this SDN site. so far, no useful information.

if you have run into similar problems and have ideas as to where to find more information on the subject, would you pls kindly drop me a line or two? or for the SAP folks, if you think this may be a bug of the j2ee engine, pls let me know too.

thanks you very much.

wentao

wentao@vendavo.com

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎12-02-2009 2:46 PM
0 Kudos

> 

i debugged in my login module code and found something interesting. by the time my code gets the user id from the callback handler, the id is already corrupted, all the French characters are garbage now

I am experiencing something similar (but have no access to debugging at the mo).

If I am reading the strings from callback handler in which encoding are they supposed to be?

Is the encoding fixed like hard coded to "ISO-8859-1" or do the character settings of Portal have any affect?

Show replies
Show replies
Former Member
‎04-14-2006 10:47 PM
0 Kudos

bit of additional information. i added the following to my login module code, just to see what Content-Type is passed through:

callbacks[2] = new HttpGetterCallback();

((HttpGetterCallback) callbacks[2]).setType(HttpCallback.HEADER);

((HttpGetterCallback) callbacks[2]).setName("Content-Type");

then in debugger, i see the value of Content-Type from http header is <b>"application/x-www-form-urlencoded"</b>, without any charset value!

here is what's in my logon.jsp form:

<%@ page contentType = "text/html;charset=UTF-8"

%>

....

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

...

</head>

<body class="logon" onLoad="doSetLogonFocus()">

</body>

</html>

QUESTION is now: what should i do to set the charset to UTF-8?

pls help!

wentao

Show replies
Show replies
Former Member
‎05-09-2006 4:50 PM
0 Kudos

Wentao,

I am facing problems using custom login module (following http://help.sap.com/saphelp_nw2004s/helpdata/en/3f/1be040e136742ae10000000a155106/content.htm). I got past the stage of all set up/configuration and now my login.html is able to correctly calls the servlet, which inturn calls the login module (exactly as the one in the above link"

protected void doGet(
		HttpServletRequest request,
		HttpServletResponse response)
		throws ServletException, IOException {
		PrintWriter out = response.getWriter();
		out.println("<html><body>");
		
		try {
			LoginContext lc = new LoginContext("MyLoginStack");
			lc.login();
			out.println("Login Successful");
		} catch (LoginException le) {
			out.println("Error: " + le.getMessage());
		}
		out.println("</body></html>");
	}

But, I have "Access Denied" being dispayed after I hit login button. I debugged and found that the custom login module stops executing at the last line in the following code snippet in login() method.

   		 Callback[] callbacks = new Callback[1];	
		 callbacks[0] = new HttpGetterCallback();	
		  	
		 /* The type and the name specify which part of the HTTP request	
		  * should be retrieved. For Web container authentication, the	
		  * supported types are defined in the interface	
		  * com.sap.engine.lib.security.http.HttpCallback.	
		  * For programmatical authentication with custom callback	
		  * handler the supported types depend on the callback handler used.	
		  */	
		((HttpGetterCallback) callbacks[0]).setType(HttpCallback.REQUEST_PARAMETER);	
		((HttpGetterCallback) callbacks[0]).setName("user_name");	 	
		
		 try {	
			callbackHandler.handle(callbacks);

where it throws a LoginException.

What is it that I am doing wrong? Appreciate any pointers.

Thanks,

Kiran

Former Member
‎06-25-2006 12:16 PM
0 Kudos

Hi Wentao,

Currently there is no direct possibility to set request encoding through HTTP callbacks for NW04 and NW04s. Introducing such feature will lead to some side effects including incompatibility. We will provide such feature with the next forthcoming major release.

As a workaround you may use the workaround you have mentioned - getting bytes from value as ISO-8859-1 and using them as new string constructed with UTF-8 encoded bytes.

Kind regards,

Svilen.

Former Member
‎08-17-2006 8:57 PM
0 Kudos

Your getting the error on that line because the callbackHandler is null and throwing a NullPointerException. When progromatically calling the login stack with the LoginContext you need to pass a CallbackHandler in the constructor.

Ask a Question