Re: [jetty-discuss] Re : Jetty Context Authentication Without Config Files

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi Julien,

You're welcome :-)       .   "Perhaps could you add this howto on the=20
Wiki" -- sure thing :-) .

*Here's how to do it programatically (without the web.xml configuration):=
*

Constraint constraint =3D new Constraint();  //=20
org.mortbay.jetty.security.Constraint
constraint.setName(Constraint.__BASIC_AUTH);
constraint.setRoles(new String[]{"user","admin","moderator"});
constraint.setAuthenticate(true);

ConstraintMapping cm =3D new ConstraintMapping();  //=20
org.mortbay.jetty.security.ConstraintMapping
cm.setConstraint(constraint);
cm.setPathSpec("/*");=20

SecurityHandler sh =3D new SecurityHandler(); =20
//org.mortbay.jetty.security.SecurityHandler
sh.setUserRealm(new=20
HashUserRealm("MyRealm","./path/to/my/realm.properties"));
sh.setConstraintMappings(new ConstraintMapping[]{cm});

WebAppContext webappcontext =3D new WebAppContext();      =20
webappcontext.setContextPath("/mywebapp");    =20
webappcontext.setWar("./path/to/my/war/orExplodedwar");
webappcontext.addHandler(sh);

HandlerCollection handlers=3D new HandlerCollection();
handlers.setHandlers(new Handler[]{webappcontext, new DefaultHandler()});

server.setHandler(handlers);
server.start();
server.join();

Cheers,
David

Julien HENRY wrote:
> Hi David,
>
> Thanks for this explanation ! I was trying to setup authentication for=20
> 1 months without success (and no response from the mailing list).=20
> Perhaps could you add this howto on the Wiki.
>
> Just another question. I use Jetty for my Unit tests, and I need to=20
> run the same test case with and without authentication. I was using a=20
> totally embedded Jetty (nothing in web.xml), but with your solution, I=20
> will need to switch between two web.xml file. Do you know how to set=20
> up the security-constraint and login-config part of your web.xml=20
> programatically?
>
> FYI, I already find how to not use C:/jetty-6.0.1/etc/realm.properties:
>
> HashUserRealm myrealm =3D new HashUserRealm("MyRealm");
> myrealm.put("jetty", "jetty");
> myrealm.addUserToRole("jetty", "user");
> myrealm.put("admin", "admin");
> myrealm.addUserToRole("admin", "admin");
> server.setUserRealms(new UserRealm[]{myrealm});
>
> Thanks very much
>
> Julien
>
> ----- Message d'origine ----
> De : David Yu <dy...@we...>
> =C0 : Discussion for Jetty development.=20
> <jet...@li...>
> Envoy=E9 le : Vendredi, 27 Octobre 2006, 5h38mn 57s
> Objet : Re: [jetty-discuss] Jetty Context Authentication Without=20
> Config Files
>
> Hi Elia,
>
> Authentication on Embedded Jetty:
> This example is setting up Basic Authentication on the context "/myweba=
pp"
>
> *On your webapp's WEB-INF/web.xml:*
>
> <web-app> =20
> <security-constraint>
>    <web-resource-collection>
>      <web-resource-name>A Protected Page</web-resource-name>
>      <url-pattern>/*</url-pattern>   <!-- u can include specific=20
> files/urls individually.. eg.=20
> <url-pattern>/mywelcomepage.html</url-pattern>
>    </web-resource-collection>
>
>    <auth-constraint>
>      <role-name>admin</role-name>
>      <role-name>user</role-name>
>      <role-name>moderator</role-name>
>    </auth-constraint>
>   </security-constraint>
>
>   <login-config>
>    <auth-method>BASIC</auth-method>
>    <realm-name>MyRealm</realm-name>
>   </login-config>
> </web-app>
>
> *Next on your webapp,*
>
> WebAppContext webappcontext =3D new WebAppContext();      =20
> webappcontext.setContextPath("/mywebapp");    =20
> webappcontext.setWar("./path/to/my/war/orExplodedwar");
>
> HandlerCollection handlers=3D new HandlerCollection();
> handlers.setHandlers(new Handler[]{webappcontext, new DefaultHandler()}=
);
>
> server.setHandler(handlers);
> HashUserRealm myrealm =3D new=20
> HashUserRealm("MyRealm","C:/jetty-6.0.1/etc/realm.properties");  //=20
> org.mortbay.jetty.security.HashUserRealm
> server.setUserRealms(new UserRealm[]{myrealm});  //=20
> org.mortbay.jetty.security.UserRealm
>
> server.start();
> server.join();
>
> *On JETTY_HOME/etc/realm.properties:*
>
> You will see the format:
> <username>:<password>,role   ... notice the password has another ":"=20
> for users "jetty", "admin" and "other". Its the hash of the actual=20
> password.
>
> Since the roles we placed on <auth-constraint> are admin, user,=20
> moderator,...
> The user/pass with access are:
> jetty/jetty
> admin/admin
>
> you can then append a new user/pass and role on realm.properties...=20
> for example:
> newUser: newPass,moderator
>
> So when u test on http://localhost:4700/mywebapp
> You will be prompted to supply the user/pass with a basic=20
> authentication.  Simply admin/admin, jetty/jetty or newUser/newPass=20
> will get you authenticated.
>
> Hope this helps,
> David
>
>
> Elia Morling wrote:
>> I'm using Jetty and want to apply authentication to a context I've=20
>> defined in Java.
>> How do I add authentication without using congfig files?=20
>> Documentation is very poor on this topic.
>> Thx
>> Elia
>> ----------------------------------------------------------------------=
--
>>
>> ----------------------------------------------------------------------=
---
>> Using Tomcat but need to do more? Need to support web services, securi=
ty?
>> Get stuff done quickly with pre-integrated technology to make your job=
 easier
>> Download IBM WebSphere Application Server v.1.0.1 based on Apache Gero=
nimo
>> http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&da=
t=3D121642
>> ----------------------------------------------------------------------=
--
>>
>> _______________________________________________
>> jetty-discuss mailing list
>> jet...@li...
>> https://lists.sourceforge.net/lists/listinfo/jetty-discuss
>>  =20
>
> -----------------------------------------------------------------------=
--
> Using Tomcat but need to do more? Need to support web services, securit=
y?
> Get stuff done quickly with pre-integrated technology to make your job=20
> easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geron=
imo
> http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=
=3D121642=20
> <http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&da=
t=3D121642>
> _______________________________________________
> jetty-discuss mailing list
> jet...@li...
> https://lists.sourceforge.net/lists/listinfo/jetty-discuss
>
>
> -----------------------------------------------------------------------=
-
> D=E9couvrez une nouvelle fa=E7on d'obtenir des r=E9ponses =E0 toutes vo=
s=20
> questions ! Profitez des connaissances, des opinions et des=20
> exp=E9riences des internautes sur Yahoo! Questions/R=E9ponses=20
> <http://fr.rd.yahoo.com/evt=3D42054/*http://fr.answers.yahoo.com>.
> -----------------------------------------------------------------------=
-
>
> -----------------------------------------------------------------------=
--
> Using Tomcat but need to do more? Need to support web services, securit=
y?
> Get stuff done quickly with pre-integrated technology to make your job =
easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geron=
imo
> http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=
=3D121642
> -----------------------------------------------------------------------=
-
>
> _______________________________________________
> jetty-discuss mailing list
> jet...@li...
> https://lists.sourceforge.net/lists/listinfo/jetty-discuss
>  =20