This code doesn't account for that the HTTP Basic password might
itself contain colons, so there may be more colons in the
Base64-decoded string than the one separating username and password.
Currently split(":") is used which is the root of the problem, which
is the same as here:
http://stackoverflow.com/questions/3990560/password-with-a-colon-fails-basic-auth
My fix:
authentication = authentication.substring("Basic ".length());
authentication = Base64.base64Decode(authentication);
int colonIndex = authentication.indexOf(":");
if (colonIndex < 0)
{
if (log.isDebugEnabled()) log.debug("Invalid syntax for username
and password");
throw new MappableContainerException(
new AuthenticationException("Invalid syntax for username and password", REALM));
}