Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-1111: Fix for "java.io.CharConversionException: Not an ISO 8859-1 character". Use response.getWriter() instead of printing to ServletOutputStream.

This commit is contained in:
Luke Taylor 2009-04-18 07:35:34 +00:00
parent 13af4b95a2
commit 6b3d0eac40
2 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/src/main/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilter.java
View File

@ -77,7 +77,7 @@ public class DefaultLoginPageGeneratingFilter extends SpringSecurityFilter {
String loginPageHtml = generateLoginPageHtml(request);
response.setContentType("text/html;charset=UTF-8");
response.setContentLength(loginPageHtml.length());
response.getOutputStream().print(loginPageHtml);
response.getWriter().write(loginPageHtml);
return;
}

22
web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java
View File

@ -2,15 +2,22 @@ package org.springframework.security.web.authentication;
import static org.mockito.Mockito.mock;
import java.io.IOException;
import java.util.Locale;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.junit.Test;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.web.FilterChainOrder;
import org.springframework.security.web.authentication.AbstractProcessingFilter;
import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
@ -57,4 +64,19 @@ public class DefaultLoginPageGeneratingFilterTests {
return "unused";
}
}
/* SEC-1111 */
@Test
public void handlesNonIso8859CharsInErrorMessage() throws Exception {
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new AuthenticationProcessingFilter());
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/spring_security_login");
request.addParameter("login_error", "true");
MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
String message = messages.getMessage(
"AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials", Locale.KOREA);
System.out.println("Message: " + message);
request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, new BadCredentialsException(message));
filter.doFilter(request, new MockHttpServletResponse(), chain);
}
}