On 22.01.2013 12:26, Gregor Jarisch wrote:
> Hi there,
>
> I am facing the following problem. I have an
embedded jetty (8.1.7) and
> I'd like to run my application on https only.
> Furthermore my users have to authenticate via basic
auth. The redirect
> from http to https works fine, the problem is that
jetty is asking for
> authentication on http too before the redirect,
instead of redirecting
> to https first.
>
> How can I prevent the insecure basic prompt on
http?
>
> Thanks.
>
> This is my code:
>
> List<Connector> connectors = new
LinkedList<Connector>();
>
> SelectChannelConnector proxyConnector = new
> SelectChannelConnector() {
> @Override
> public void customize(EndPoint
endpoint, Request request)
> throws IOException {
> request.setScheme("https");
> super.customize(endpoint, request);
> }
> };
>
> proxyConnector.setHost("localhost");
> proxyConnector.setPort(80);
> proxyConnector.setConfidentialPort(443);
> proxyConnector.setIntegralPort(443);
> if (options.useBehindProxy) {
>
proxyConnector.setHostHeader("localhost:443");
> proxyConnector.setForwarded(true);
> }
> connectors.add(proxyConnector);
>
> ConstraintSecurityHandler csh = new
ConstraintSecurityHandler();
> csh.setAuthenticator(new
BasicAuthenticator());
> csh.setRealmName("realm");
> csh.setLoginService(options.loginService);
>
> Constraint basicAuthConstraint = new
Constraint();
>
basicAuthConstraint.setName(Constraint.__BASIC_AUTH);
> basicAuthConstraint.setRoles(new
String[]{"user"});
> basicAuthConstraint.setAuthenticate(true);
>
basicAuthConstraint.setDataConstraint(Constraint.DC_CONFIDENTIAL);
>
> ConstraintMapping cm = new
ConstraintMapping();
> cm.setConstraint(basicAuthConstraint);
> cm.setPathSpec("/*");
> csh.addConstraintMapping(cm);
> context.setSecurityHandler(csh);
>
> SslSocketConnector sslConnector = new
SslSocketConnector();
> sslConnector.setPort(443);
> sslConnector.setPassword("...");
> sslConnector.setKeyPassword("...");
> sslConnector.setKeystore("...");
> sslConnector.setTrustPassword("...");
> connectors.add(sslConnector);
>
> server.setConnectors(connectors.toArray(new
> Connector[connectors.size()]));
>
> _______________________________________________
> jetty-users mailing list
>
jetty-users@xxxxxxxxxxx
>
https://dev.eclipse.org/mailman/listinfo/jetty-users