Camel http4 和 url 编码的密码被解释为单独的参数 [英] Camel http4 and url-encoded passwords being interpreted as separate arguments
问题描述
我们有一个 Apache Camel (2.13.2) 应用程序,它使用 http4 与网络服务器通信,使用 NTLM 进行身份验证.
We've got an Apache Camel (2.13.2) app that uses http4 to communicate with a webserver, using NTLM for auth.
端点定义为(伪):
...
.to("http4://thegreat.server.com/uri?authUsername=" + user + "&authPassword=" + pass
+ "&authenticationPreemptive=true&authMethod=NTLM&authDomain=DOMAIN&authHost=host")
.to("otherEndpoint");
只要 pass
变量包含非特殊"字符,此方法就可以正常工作.
This works well as long as the pass
variable contains "non-special" chars.
但是,如果 pass
包含例如 "abcd&def"
- Camel 会将 & 符号解释为查询参数分隔符.
However, if the pass
contains for example "abcd&def"
- Camel will intepret the ampersand as a query parameter separator, as it should.
但是 url 编码 & 符号(即 "abcd%26def"
)根本没有区别?
But url encoding the ampersand (i.e "abcd%26def"
) makes no difference at all?
Camel 调用端点 "http://thegreat.server.com/uri?authMethod=NTLM&def="
的结果仍然是一个截断的密码.
We still end up with Camel invoking the endpoint "http://thegreat.server.com/uri?authMethod=NTLM&def="
, with a truncated password.
我们是否遗漏了一些明显的东西,或者这看起来像一个错误?
Is there something obvious we're missing out on, or does this kind of look like a bug?
谢谢.
推荐答案
查看 Camel 文档如何配置端点 uris
See the Camel documentation how to configure endpoint uris
有一节介绍了密码,例如,您应该使用 RAW() 语法.
There is a section that covers about passwords, eg you should use the RAW() syntax.
所以应该是这样的
.to("http4://thegreat.server.com/uri?authUsername=" + user + "&authPassword=RAW(" + pass
+ ")&authenticationPreemptive=true&authMethod=NTLM&authDomain=DOMAIN&authHost=host")
.to("otherEndpoint");
这篇关于Camel http4 和 url 编码的密码被解释为单独的参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!