Resolution: No Longer Reproducible
Affects Version/s: 6.0.6 GA, 6.1.1 CE GA2, 6.2.0 CE M4
Fix Version/s: Master
Similar Issues:Show 5 results
LPS-4731 Special characters not accepted for password in liferay LPS-272 webdav access fails when Liferay configured for SSO LPS-12087 Basic auth (e.g. WebDAV) is not authenticating from LDAP LPS-3657 Option to not require password for basic authentication LPS-14259 Basic authentication is not enforced for httpclient even if it's set directly in configuration
The class com.liferay.portal.kernel.util.Base64 seems to be used for encoding/decoding urls parts.
But this class is also used to decode credentials in case of a basic authentification, especially for WebDav/sharepoint access.
Unfortunely, this method doesn't decode extended characters like accentued ones (é,è,ï, ...) causing a mismatch when comparing crypted key between the one calculated from these (bad) decoded credentials and the one stored in Liferay (attached to the user account).
And then the authentification from Webdav failed !
It could be possible to make an improvement to the Base64 class, but I suggest to use instead a native java method :
This method method need to know the encoding of the parsed Bytes array, but this information is not avalable in the request, it will be necessary to implement a property (UTF-8 by default) allowing portal deployers to switch to a specific local encoding (like ISO-8859-1).
For my needs, I plan to override this :
ligne 837, méthode getBasicAuthUserId(...)
String credentials = new String(Base64.decode(authorizationArray));
String credentials = new String(javax.xml.bind.DatatypeConverter.parseBase64Binary(authorizationArray),"ISO-8859-1");
I tagged this Jira as a bug, but it's probably more an improvment.