Search code examples
jakarta-eeejbwildflywildfly-8form-authentication

Wildfly Form Auth fails when using special characters

We are deploying our GWT app to a Wildly 8.1.0 server and are using form authentication for security. Our problem is that every time our customer has a special character (æøåäëö, etc.) in their username or password, they cannot login.

I have seen other people having the same issue:

https://developer.jboss.org/thread/42859?tstart=0

UTF-8 encoded j_security_check username incorrectly decoded as Latin-1 in Tomcat realm

Spring security: Form login special characters

but they are using Tomcat/Apache/Spring etc., so I'm having trouble finding a solution that would work for our setup.

Is there any configuration parameter for Wildly/Undertow, so that we can ensure a UTF-8 encoding when our users log in?

Our web.xml:

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>project-security-policy</realm-name>
    <form-login-config>
        <form-login-page>/login.html</form-login-page>
        <form-error-page>/error.html</form-error-page>
    </form-login-config>
</login-config>

Login form:

<form name="loginform" method="post" autocomplete="on" action="j_security_check" accept-charset="UTF-8 ISO-8859-1" onsubmit="return validate_login_form();">
    <input id="usernameInput" name="j_username" class="form-input" type="text" placeholder="Username" autofocus="">
    <input id="passwordInput" name="j_password" class="form-input" type="password" placeholder="Password">
    <input id="submitButton" type="submit" value="Login">
</form>
Solution

  • I've found the solution. In the standalone file, I have edited the servlet-container parameter in the undertow subsystem, and added the default-encoding attribute. Now my users can have special characters in the username and the password.

    <servlet-container name="default" default-encoding="UTF-8">

    The entire subsystem looks like this:

    <subsystem xmlns="urn:jboss:domain:undertow:1.1">
    <buffer-cache name="default" />
    <server name="default-server">
        <http-listener name="default" socket-binding="http" />
        <host name="default-host" alias="localhost">
            <location name="/" handler="welcome-content" />
            <filter-ref name="server-header" />
            <filter-ref name="x-powered-by-header" />
        </host>
    </server>
    <servlet-container name="default" default-encoding="UTF-8">
        <jsp-config />
    </servlet-container>
    <handlers>
        <file name="welcome-content" path="${jboss.home.dir}/welcome-content" />
    </handlers>
    <filters>
        <response-header name="server-header" header-name="Server" header-value="WildFly/8" />
        <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1" />
    </filters>
</subsystem>