When calling the REST API using unencoded basic authentication, a non-ASCII character in the username or password will return an incorrect status - a 401 Unauthorized or a 403 Forbidden respectively.
This does not impact the rest/auth/1/session endpoint. For more information on how to use this endpoint instead, please Cookie-based Authentication.
This also does not impact a user's ability to log in - as the browser and form will correctly encode data before sending it back to the server.
- Create a user with non-ASCII character name like "łukasz" and the password test
- Login through the web UI as that user, to verify the credentials are valid.
- Do rest call as the user:
The problem can exhibit with a non-ascii character in either the username or the password.
With the correct credentials, the issue return a 200 OK response.
See ACJIRA-513 description and comments for more details.
There are a few alternative options workarounds; depending on the exact implementation you're using.
If possible, change the non-ascii characters to ascii characters. This may not be desirable (or feasible) in all cases, however.
Use the following command to generate a Base64 encoded string:
Then, supply an Authorization: Basic token header, like so:
You can use cookie based authentication to authenticate first, and then use the cookie as your authentication mechanism in subsequent requests.