Hi there
I've set up a Jetty server with the following configuration where a secured web application is deployed. I was digging in the jetty security code and figured out that the BasicAuthenticator is called for every incoming request even the browser already got a
session.
I use version 8.1.7. Have I forgotten anything to configure:
<Configure id="FileServer" class="org.eclipse.jetty.server.Server">
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
<Set name="port">8080</Set>
</New>
</Arg>
</Call>
<Set name="handler">
<New class="org.eclipse.jetty.server.handler.HandlerList">
<Set name="handlers">
<Array type="org.eclipse.jetty.server.Handler">
<Item>
<New class="org.eclipse.jetty.webapp.WebAppContext">
<Set name="contextPath">/fedizhelloworld</Set>
<Set name="war">./target/test-classes/fedizhelloworld.war</Set>
<Set name="throwUnavailableOnStartupException">true</Set>
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.eclipse.jetty.security.authentication.BasicAuthenticator" />
</Set>
</Get>
</New>
</Item>
</Array>
</Set>
</New>
</Set>
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">WSFED</Set>
<Set name="config">./target/test-classes/realm.properties</Set>
<Set name="refreshInterval">0</Set>
</New>
</Arg>
</Call>
</Configure>
thanks a lot
Oli