[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-users] UserRealm -> LoginService, jetty6 -> jetty7
|
Hello again,
Rereading the updated documentation I realize I need to do WebAppContext.getSecurityHandler().setLoginService(new MyHashLoginService("realm")); Which seem to work in a way since I can see the "MyHashLoginService" getting loaded at startup. However, it isn't called when i load a page from the context. Apart from the xml below and the setLoginService herein, what more is there to it?
I understand a lot of changes have been made to the authentication functions in jetty 7 from jetty 6, but I have a real hard time finding documentatoin and examples even though jetty 7 is stable since a while back, so all help and pointers on this topic is greatly appreciated!
//Gustav
5 mar 2010 kl. 18.04 skrev Gustav Olsson:
> Thank you Jan,
>
> I'm creating the WebAppContext (and Service instance) programmatically and previously did that with the security as well. When looking at the documentation you just updated (thanks!), it looks as if I should be able to use WebAppContext.setSecurityHandler for adding the security handler. But this takes a SecurityHandler as an agrument, where in my case I have my own class extending MappedLoginService (just as HashLoginService does). For reference, this is how I did it previously:
>
> Constraint constraint = new Constraint();
> constraint.setName(Constraint.__DIGEST_AUTH);;
> constraint.setRoles(new String[]{"users"});
> constraint.setAuthenticate(true);
>
> ConstraintMapping cm = new ConstraintMapping();
> cm.setConstraint(constraint);
> cm.setPathSpec("/*");
>
> SecurityHandler sh = new SecurityHandler();
> sh.setUserRealm(new HashUserRealm("Protected resource","src/main/resources/realm.properties"));
> sh.setConstraintMappings(new ConstraintMapping[]{cm});
>
> webContext.addHandler(sh);
>
> HandlerCollection handlers= new HandlerCollection();
> handlers.setHandlers(new Handler[]{webContext, new DefaultHandler()});
>
> Is there any way of doing this programmatically still or do i need to convert my jetty configuration to xml?
>
> Thanks in advance!
> //Gustav
>
> 5 mar 2010 kl. 16.29 skrev Jan Bartel:
>
>> Gustav,
>>
>> Here's an example from the jetty-7 distro etc/jetty.xml file:
>>
>> <Call name="addBean">
>> <Arg>
>> <New class="org.eclipse.jetty.security.HashLoginService">
>> <Set name="name">Test Realm</Set>
>> <Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set>
>> <Set name="refreshInterval">0</Set>
>> </New>
>> </Arg>
>> </Call>
>>
>> I just discovered the doco on the Eclipse wiki is wrong on this, so
>> I'm fixing it now.
>>
>> cheers
>> Jan
>>
>> Gustav Olsson wrote:
>>> Hi all,
>>> After upgrading from jetty6 to jetty7 I'm having some difficulties getting the DIGEST authentication I used in jetty6 to work in jetty7. The method Server.setUserRealms(UserRealm[]) is gone and I simply cannot find out how to bind my LoginService to the WebAppContext or server.
>>> The web.xml is attached. Previously, all i hade to do was create an instance of a JDBCUserRealm and add it with the Server.setUserRealms(new UserRealm[]{<jdbcur>) to get it to kick in. With that method gone and all howtos covering jetty6 I cannot find out how to bind the JDBCUserRealm to the server/webapp. This is driving me nuts and all help is appreciated!
>>> <web-app>
>>> <servlet>
>>> <servlet-name>name</servlet-name>
>>> <servlet-class>SecureServlet</servlet-class>
>>> </servlet>
>>> <servlet-mapping>
>>> <servlet-name>name</servlet-name>
>>> <url-pattern>/</url-pattern>
>>> </servlet-mapping>
>>> <security-constraint>
>>> <web-resource-collection>
>>> <web-resource-name>ResourceName</web-resource-name>
>>> <url-pattern>/*</url-pattern>
>>> </web-resource-collection>
>>> <auth-constraint>
>>> <role-name>role</role-name>
>>> </auth-constraint>
>>> </security-constraint>
>>> <login-config>
>>> <auth-method>DIGEST</auth-method>
>>> <realm-name>TheRealm</realm-name>
>>> </login-config>
>>> <security-role>
>>> <role-name>role</role-name>
>>> </security-role>
>>> </web-app>
>>> Thanks in advance!
>>> //Gustav
>>> _______________________________________________
>>> jetty-users mailing list
>>> jetty-users@xxxxxxxxxxx
>>> https://dev.eclipse.org/mailman/listinfo/jetty-users
>>
>> --
>> Jan Bartel, Webtide LLC | janb@xxxxxxxxxxx | http://www.webtide.com
>> _______________________________________________
>> jetty-users mailing list
>> jetty-users@xxxxxxxxxxx
>> https://dev.eclipse.org/mailman/listinfo/jetty-users
>
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/jetty-users