Cookie problem @ RememberMe (mode usernameOnly)
dr.shizuma Jan 11, 2011 5:06 AMHi,
here are the details of my environment:
Seam 2.2.0 GA / JBoss 5.1.0GA
RememberMe runs in mode usernameOnly
.
I never had problems until yesterday, where a user registered with a umlaut
in his nickname. I took a look at the code and saw that, running in mode usernameOnly
, the cookie value doesn't get BASE64 encoded. So, as soon as the user tries to login, seam throws this error:
Caused by: java.lang.IllegalArgumentException: Control character in cookie value, consider BASE64 encoding your value at org.apache.tomcat.util.http.ServerCookie.maybeQuote2(ServerCookie.java:389) at org.apache.tomcat.util.http.ServerCookie.maybeQuote2(ServerCookie.java:382) at org.apache.tomcat.util.http.ServerCookie.appendCookieValue(ServerCookie.java:288) at org.apache.catalina.connector.Response.addCookieInternal(Response.java:1026) at org.apache.catalina.connector.Response.addCookie(Response.java:978) at org.apache.catalina.connector.ResponseFacade.addCookie(ResponseFacade.java:343) at javax.servlet.http.HttpServletResponseWrapper.addCookie(HttpServletResponseWrapper.java:58) at org.ajax4jsf.webapp.FilterServletResponseWrapper.addCookie(FilterServletResponseWrapper.java:627) at javax.servlet.http.HttpServletResponseWrapper.addCookie(HttpServletResponseWrapper.java:58) at org.jboss.seam.faces.Selector.setCookieValueIfEnabled(Selector.java:119) at org.jboss.seam.security.RememberMe$UsernameSelector.setCookieValueIfEnabled(RememberMe.java:70) at org.jboss.seam.security.RememberMe.postAuthenticate(RememberMe.java:363) at sun.reflect.GeneratedMethodAccessor10904.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) at org.jboss.seam.util.Reflections.invokeAndWrap(Reflections.java:144) at org.jboss.seam.Component.callComponentMethod(Component.java:2253) at org.jboss.seam.core.Events.raiseEvent(Events.java:85) at org.jboss.seam.security.Identity.postAuthenticate(Identity.java:397) at org.jboss.seam.security.Identity.authenticate(Identity.java:345) at org.jboss.seam.security.Identity.authenticate(Identity.java:332) at org.jboss.seam.security.Identity.login(Identity.java:259) at sun.reflect.GeneratedMethodAccessor10857.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:335) at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:348) at org.jboss.el.parser.AstPropertySuffix.invoke(AstPropertySuffix.java:58) at org.jboss.el.parser.AstValue.invoke(AstValue.java:96) at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68) at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88) ... 53 more
Is there a solution how to work around this problem w/o patching Seam? Or is there another reason for this problem?
Many thank!