Menu
▾
▴
[jetty-discuss] Re: Re: User authorization?
|
From: <ma...@tl...> - 2003-10-08 11:37:35
|
Hello everybody, I customize web application based on jetty. I need add basic authentication. I read Greg Wilkins description (http://sourceforge.net/mailarchive/forum.php?thread_id=3242147&forum_id=35144) and it works good when I configure server, unfortunately, when I try to apply this hint to web application it fails: However http client sends GET with proper authentication header, jetty replies with HTTP 401 Unauthorized. Could You help me, please ? Below I show configuration parts: [app.xml] ... <Call name="addWebApplication"> <Arg></Arg> <Arg>/</Arg> <Arg><SystemProperty name="application.home" default="."/>/webapp</Arg> <Set name="defaultsDescriptor"><SystemProperty name="jetty.home" default="."/>/config/webdefault.xml</Set> <Set name="extractWAR">TRUE</Set> <Set name="classLoaderJava2Compliant">TRUE</Set> <Call name="setRealm"> <Arg> <New class="org.mortbay.http.HashUserRealm"> <Arg>Jetty Demo Realm</Arg> <Arg><SystemProperty name="jetty.home" default="."/>/config/csrealm</Arg> </New> </Arg> </Call> <Set name="realmName">Jetty Demo Realm</Set> <Set name="authenticator"><New class="org.mortbay.http.BasicAuthenticator"/></Set> <Call name="addHandler"> <Arg><New class="org.mortbay.http.handler.SecurityHandler"/></Arg> </Call> </Call> ... [web.xml] ... <servlet-mapping> <servlet-name>AuthorizationSnoop</servlet-name> <url-pattern>/Test</url-pattern> </servlet-mapping> <security-constraint> <web-resource-collection> <web-resource-name>AuthorizationSnoop</web-resource-name> <url-pattern>/Test</url-pattern> </web-resource-collection> <auth-constraint> <role-name>org.mortbay.http.HttpRequest.ANY_ROLE</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Jetty Demo Realm</realm-name> </login-config> ... [/config/csrealm] is jetty-4.2.9/etc/demoRealm.properties file -- Regards Marek |