[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[jetty-users] newbie configuration problem
|
dear all,
I have been using Jetty embedded for years, but never tried to use it stand alone.
I have downloaded jetty-distribution-9.3.0.v20150612 and would like to test authentication so that /public is accessible to all and /private to authenticated users only.
I have created:
- webapps/public/index.html
- webapps/private/index.html
- webapps/private.xml
- webapps/private.d/override-web.xml
- etc/realm.properties
XML files are read by Jetty since it complains if there is a syntax error (for instance).
But I must miss something, since private/index.html remains accessible.
Any clue would be of great value
:)
Oleg Lodygensky
webapps/private.xml contains
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Set name="contextPath">/private</Set>
<Set name="resourceBase"><SystemProperty name="jetty.base" default="."/>/webapps/private/</Set>
<Set name="overrideDescriptor"><Property name="jetty.webapps" default="."/>/private.d/override-web.xml</Set>
<Get name="securityHandler">
<Set name="loginService">
<New class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">Test Realm</Set>
<Set name="config"><SystemProperty name="jetty.base" default="."/>/etc/realm.properties</Set>
</New>
</Set>
</Get>
</Configure>
webapps/private.d/override-web.xml contains
<?xml version="1.0" encoding="UTF-8"?>
<web-app
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
version="3.1">
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Test Realm</realm-name>
</login-config>
</web-app>
etc/realm.properties contains
#
# This file defines users passwords and roles for a HashUserRealm
#
# The format is
# <username>: <password>[,<rolename> ...]
#
# Passwords may be clear text, obfuscated or checksummed. The class
# org.eclipse.util.Password should be used to generate obfuscated
# passwords or password checksums
#
# If DIGEST Authentication is used, the password must be in a recoverable
# format, either plain text or OBF:.
#
jetty: MD5:blabla,user
admin: CRYPT:blabla,server-administrator,content-administrator,admin,user
other: OBF:blabla,user
plain: plain,user
user: password,user
# This entry is for digest auth. The credential is a MD5 hash of username:realmname:password
digest: MD5:blabla,user