Non-ASCII Characters In Request Params Not Being Correctly Encoded During Authentication Process (Doc ID 1510063.1)

Last updated on FEBRUARY 24, 2017

Applies to:

Oracle GlassFish Server - Version 2.1.1 to 3.1.2 [Release 2.1 to 3.1]
Information in this document applies to any platform.

Symptoms

Using a J2EE web application which has security constraints, the user submits a request. If the session is current, the request is handled and everything goes just fine.

However, if the session has expired, the request is directed to an authentication mechanism (e.g. form-based authentication). Once authenticated, if the request contained parameters using non-ASCII characters (i.e. characters that require UTF-8 encoding), those characters will not be correctly encoded.

As a consequence, if those characters are then displayed, they will be seen as corrupted characters.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms