Camel http4 and url encoded passwords are interpreted as separate arguments
We have an Apache Camel application (2.13.2) that uses http4 to communicate with a web server using NTLM for authorization.
The endpoint is defined as (pseudo):
...
.to("http4://thegreat.server.com/uri?authUsername=" + user + "&authPassword=" + pass
+ "&authenticationPreemptive=true&authMethod=NTLM&authDomain=DOMAIN&authHost=host")
.to("otherEndpoint");
This works well if the variable pass
contains non-special characters.
However, if pass
contains, for example "abcd&def"
- Camel it will intepret an ampersand as the delimiter for the query parameters, as it should be.
But the url encoding the ampersand (i.e. "abcd%26def"
) doesn't make any difference?
We still end up with Camel calling the "http://thegreat.server.com/uri?authMethod=NTLM&def="
truncated password endpoint .
Is there something obvious that we are missing, or does this seem like a bug?
Thank.
source to share
See Camel documentation for uris endpoint setup
There is a section on passwords, for example you should use the RAW () syntax.
So it would be something like
.to("http4://thegreat.server.com/uri?authUsername=" + user + "&authPassword=RAW(" + pass
+ ")&authenticationPreemptive=true&authMethod=NTLM&authDomain=DOMAIN&authHost=host")
.to("otherEndpoint");
source to share