Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] newbie configuration problem

dear all,
I have been using Jetty embedded for years, but never tried to use it stand alone.

I have downloaded jetty-distribution-9.3.0.v20150612 and would like to test authentication so that /public is accessible to all  and /private to authenticated users only.

I have created:

- webapps/public/index.html
- webapps/private/index.html
- webapps/private.xml
- webapps/private.d/override-web.xml
- etc/

XML files are read by Jetty since it complains if there is a syntax error (for instance).

But I must miss something, since private/index.html remains accessible.

Any clue would be of great value

Oleg Lodygensky

webapps/private.xml contains

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "";>

<Configure class="org.eclipse.jetty.webapp.WebAppContext">

        <Set name="contextPath">/private</Set>
        <Set name="resourceBase"><SystemProperty name="jetty.base" default="."/>/webapps/private/</Set>
<Set name="overrideDescriptor"><Property name="jetty.webapps" default="."/>/private.d/override-web.xml</Set>

        <Get name="securityHandler">
                <Set name="loginService">
                        <New class="">
                                <Set name="name">Test Realm</Set>
                                <Set name="config"><SystemProperty name="jetty.base" default="."/>/etc/</Set>


webapps/private.d/override-web.xml contains

<?xml version="1.0" encoding="UTF-8"?>

    <realm-name>Test Realm</realm-name>


etc/ contains

# This file defines users passwords and roles for a HashUserRealm
# The format is
#  <username>: <password>[,<rolename> ...]
# Passwords may be clear text, obfuscated or checksummed.  The class 
# org.eclipse.util.Password should be used to generate obfuscated
# passwords or password checksums
# If DIGEST Authentication is used, the password must be in a recoverable
# format, either plain text or OBF:.
jetty: MD5:blabla,user
admin: CRYPT:blabla,server-administrator,content-administrator,admin,user
other: OBF:blabla,user
plain: plain,user
user: password,user

# This entry is for digest auth.  The credential is a MD5 hash of username:realmname:password
digest: MD5:blabla,user

Back to the top