Jersey客户端BASIC认证的Base64编码异常
Base64 encoding exception with BASIC authentication of Jersey client
我在 Wildfly 9 上有一个启用了 BASIC 身份验证的 Jersey 客户端 运行。这在一般情况下效果很好,但是当使用带有特殊字符(例如德语变音符号)的密码时,我得到这个与 Base64 编码相关的异常:
Caused by: java.lang.ArrayIndexOutOfBoundsException: 255
at org.glassfish.jersey.internal.util.Base64.encode(Base64.java:112)
at org.glassfish.jersey.internal.util.Base64.encodeAsString(Base64.java:160)
at org.glassfish.jersey.client.filter.HttpBasicAuthFilter.<init>(HttpBasicAuthFilter.java:98)
at org.glassfish.jersey.client.filter.HttpBasicAuthFilter.<init>(HttpBasicAuthFilter.java:72)
知道我做错了什么吗?
这是一个known bug。
作为解决方法,您可以直接设置 Authorization header 而不是使用 HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_USERNAME 和 HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_PASSWORD 属性。
旧代码:
Invocation.Builder builder = …;
builder
.property(HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_USERNAME, username)
.property(HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_PASSWORD, password);
新代码:
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.ws.rs.core.HttpHeaders;
// …
builder.header(HttpHeaders.AUTHORIZATION, calculateAuthentication(username, password));
// …
private String calculateAuthentication(final String username, final byte[] password) {
final byte[] prefix = (username + ":").getBytes(StandardCharsets.UTF_8);
final byte[] usernamePassword = new byte[prefix.length + password.length];
System.arraycopy(prefix, 0, usernamePassword, 0, prefix.length);
System.arraycopy(password, 0, usernamePassword, prefix.length, password.length);
return "Basic " + Base64.getEncoder().encodeToString(usernamePassword);
}
我在 Wildfly 9 上有一个启用了 BASIC 身份验证的 Jersey 客户端 运行。这在一般情况下效果很好,但是当使用带有特殊字符(例如德语变音符号)的密码时,我得到这个与 Base64 编码相关的异常:
Caused by: java.lang.ArrayIndexOutOfBoundsException: 255
at org.glassfish.jersey.internal.util.Base64.encode(Base64.java:112)
at org.glassfish.jersey.internal.util.Base64.encodeAsString(Base64.java:160)
at org.glassfish.jersey.client.filter.HttpBasicAuthFilter.<init>(HttpBasicAuthFilter.java:98)
at org.glassfish.jersey.client.filter.HttpBasicAuthFilter.<init>(HttpBasicAuthFilter.java:72)
知道我做错了什么吗?
这是一个known bug。
作为解决方法,您可以直接设置 Authorization header 而不是使用 HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_USERNAME 和 HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_PASSWORD 属性。
旧代码:
Invocation.Builder builder = …;
builder
.property(HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_USERNAME, username)
.property(HttpAuthenticationFeature.HTTP_AUTHENTICATION_BASIC_PASSWORD, password);
新代码:
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.ws.rs.core.HttpHeaders;
// …
builder.header(HttpHeaders.AUTHORIZATION, calculateAuthentication(username, password));
// …
private String calculateAuthentication(final String username, final byte[] password) {
final byte[] prefix = (username + ":").getBytes(StandardCharsets.UTF_8);
final byte[] usernamePassword = new byte[prefix.length + password.length];
System.arraycopy(prefix, 0, usernamePassword, 0, prefix.length);
System.arraycopy(password, 0, usernamePassword, prefix.length, password.length);
return "Basic " + Base64.getEncoder().encodeToString(usernamePassword);
}