It seems, that at the form based authenticator is bug.
If you try to put non-ascii characters (Chinese, arabish, russian alphabet) into
password field, and use jdbcrealm, properly configured including jdbc
connection, the login everytime fails. Login field itself could be ascii or
non-ascii, doesn't matter.
We discussed that here http://forums.java.net/jive/thread.jspa?threadID=40977
and it looks like there really is missing charset in getBytes. As monzillo writes:
it gets the password as a String from a
parameter of the httpservletrequest, and then the realm calls String.getBytes()
without specifying a character set to use in the encoding. As such, the
platform's default char set is used in the encoding, which apparently does not
match the charset used used by your browser when you entered the password and it
created the request.
I set charset to UTF8 in realm configuration, but it's not used.
I tried also use MD5 hashing, but it's not working either.
(Probably both ends on this same line - String.getBytes(), which should take
charset field from realm config?)
Please let me know about fix, and how to use it as patch, since we cannot wait
until release, thanks a lot