Hi, This problem will be fixed in versions 7.2.0, 7.1.1 and 7.0.8. Thanks. Best regards, Jérôme
Le lundi 17 juin 2024 à 19:27:55 UTC+2, [email protected] a écrit : > Hi, > > Recently we migrated to CAS 7.0 from 6.6. After migration some of users > reported problems with authentication. Password change solved issue for > most of them but not for all. At the same time user was able to log into > non-CAS services with same credentials (ActiveDirectory account). > > We discovered that authentication problems are caused by inproper encoding > handling when password contains non-latin characters. Non-latin characters > in password are valid for on premise Active Directory and CAS 6.6 works > fine with such passwords. > > After long hours spent on debugging I've found that filter chain has > different order in version 7.0 than in 6.6. ClientInfoThreadLocalFilter is > executed before CharacterEncodingFilter and that makes embedded tomcat to > parse parameters with default encoding which is ISO_8859_1. > > Filter order changed after this commit > https://github.com/apereo/cas/commit/b63b498d7827fddb2437059798b633335df8ae4a#diff-a6b219e09e7332e11699b887d03ae93365e9a303f9a2c9d8d1e8576a38ce8c7a > > I've solved issue by registering CharacterEncodingFilter in my own config > in war overlay with HIGHEST_PRECEDENCE. > > Regards, > Krzysztof > > > -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/67cd4819-6301-44e9-b238-2e0bfda7f117n%40apereo.org.
