Greg. Our authentication mechanism is already used by many user. Our service is REST application, and users are access by own application. If auth mechanism is changed, they must change them application. I didn't want to forcing them to pay cost, in our own reason.
If this option is provided, we and our users are so happy. I understand that optimization is needed for high performance. But providing feature in the servlet spec has importance in compatibility. This feature may be better to provide optional. //Michitaka Terada 2013/8/8 Greg Wilkins <[email protected]> > This bugzilla was created: > https://bugs.eclipse.org/bugs/show_bug.cgi?id=414449 > > The issue is that Jetty avoids creating a lot of garbage by looking up > such common strings in a StringTrie directly from the bytes received. > > I will look at making this optional, but for your authentication mechanism > I would think it is very delicate if it is relying on case insensitive > fields being case sensitive. While the servlet spec does imply that we > should return the exact characters, there is nothing stopping a proxy or > any other intermediary rewriting headers to semantically equivalent ones. > Indeed you may even go via a binary protocol (AJP13 or SPDY) that tokenises > headers and thus also changes their case. > > Is it possible for you yo make your mechanism do lower case conversions > before calculating any hash values on case insensitive data? > > cheers > > > > > > > > > > > > > > > > > On 31 July 2013 12:29, てらだみつるつよし <[email protected]> wrote: > >> Hi. >> >> I'm in trouble about the "Content-Type" . >> >> I used a recent version Jetty, that version is 8.1.11.v20130520. Now, I'm >> trying to migrate my application to version 9.0.4.v20130625. >> >> In version 8, Content-Type value is not changed by Jetty. >> >> *set by client :* application/x-www-form-urlencoded; charset=utf-8 >> >> *HttpServletRequest.getHeade("Content-Type") :* >> application/x-www-form-urlencoded; >> charset=utf-8 >> >> But in version 9.0.4.v20130625, "Content-Type" value is changed by Jetty. >> >> *set by client :* application/x-www-form-urlencoded; charset=utf-8 >> >> *HttpServletRequest.getHeade("Content-Type") :* >> application/x-www-form-urlencoded; >> charset=*UTF*-8 >> >> A charset value is changed(utf -> UTF). >> >> I use this value to calculate a hash value for authentication mechanism. >> This changing of a Content-Type value makes difference between a value >> calculated in client and that in server, so authentication is failed. >> >> I cannot judge that this is a specification or a bug. >> Have anybody tips or options to avoid this charset changing? >> >> //terada-m >> >> _______________________________________________ >> jetty-users mailing list >> [email protected] >> https://dev.eclipse.org/mailman/listinfo/jetty-users >> >> > > > -- > Greg Wilkins <[email protected]> > http://www.webtide.com > Developer advice and support from the Jetty & CometD experts. > Intalio, the modern way to build business applications. > > _______________________________________________ > jetty-users mailing list > [email protected] > https://dev.eclipse.org/mailman/listinfo/jetty-users > >
_______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
