5 Replies Latest reply on Sep 9, 2010 9:35 AM by swiderski.maciej

    jbpm console interprets special characters in password

    gubespam

      Searched the forums but didn't see this issue mentioned, which seems wierd. Anyway, in jbpm 4.3, when we try to log in with a password that contains the special characters '%' (percent) or '&' (ampersand), authentication fails. If the password happens to end with a '%' symbol, we get this error:

       

      08-26 10:51:33,891 WARN  [org.apache.tomcat.util.http.Parameters] (http-stinger%2F10.20.36.59-8080-1) Parameters: Character decoding failed. Parameter skipped.
      java.io.CharConversionException: EOF
              at org.apache.tomcat.util.buf.UDecoder.convert(UDecoder.java:83)
              at org.apache.tomcat.util.buf.UDecoder.convert(UDecoder.java:49)
              at org.apache.tomcat.util.http.Parameters.urlDecode(Parameters.java:429)
              at org.apache.tomcat.util.http.Parameters.processParameters(Parameters.java:412)
              at org.apache.tomcat.util.http.Parameters.processParameters(Parameters.java:363)
              at org.apache.catalina.connector.Request.parseParameters(Request.java:2562)
              at org.apache.catalina.connector.Request.getParameter(Request.java:1060)
              at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:254)
              at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
              at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
              at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
              at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
              at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
              at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
              at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
              at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
              at java.lang.Thread.run(Thread.java:619)

       

      Any idea what might be going on?