Impossible to use a password with #
Tomas-Kraus opened this issue · 2 comments
I want to use wsimport against an HTTPS WSDL which requires authetification. However, the password that my provider sets up contains the '#' character and it seems wsimport is using java.net.URL to parse the auth file. If I escape the # character with %23 in the auth file, then I get a too many attempts error
Environment
Win7 64bits JDK1.7.0_65
Affected Versions
[2.2.4]
Source: javaee/metro-jax-ws#1160
Author: glassfishrobot
Auth file text is being processed in com.sun.istack.tools.DefaultAuthenticator#parseLine(String)
method.
new URL(text)
is tried 1st - this parsesRFC 2396
URL strings.- own more fault tolerant code is used when
new URL(text)
fails withMalformedURLException
.
The only limitation of this code is, that plain text password shall not start with '#' character. This causes new URL(text)
to produce mismatched content without throwing MalformedURLException
exception.
Encoded password may contain %23
sequence anywhere.
I was not able to reproduce the problem. Added jUnit
test to make sure passwords with '#' are being parsed properly.