|Summary:||Support characters sets other than ISO 8859-1 in HTTP Basic authentication|
|Product:||Tomcat 9||Reporter:||Roland Illig <rillig>|
|Component:||Catalina||Assignee:||Tomcat Developers Mailing List <dev>|
Description Roland Illig 2017-07-11 11:08:52 UTC
https://tools.ietf.org/html/rfc7617 This RFC describes how to implement Basic authentication for usernames and passwords that are not restricted to characters below U+0100. The BasicAuthenticator class should be updated to refer to RFC 7617 instead of the obsolete RFC 2617. The character set used in BasicAuthenticator class should be made configurable.
Comment 1 Mark Thomas 2017-09-04 11:28:51 UTC
Fixed in: - trunk for 9.0.0.M27 onwards - 8.5.x for 8.5.21 onwards - 8.0.x for 8.0.47 onwards - 7.0.x for 7.0.82 onwards Note that it is disabled by default for all versions since browser support for RFC 7617 is very patchy.