Jan (or anyone),
> There's also a jetty-specific feature that if the realm-name
is omitted from the <login-config> then we'll automatically
select the first LoginService that has been defined for a Server
instance (eg as an addBean() as has been shown in the doco and in
the demo-base/etc/test-realm.xml).
Aha, when I delete the realm-name from the <login-config> in
web.xml, I see that my HashLoginService evidently didn't get
registered even though the etc/realm.xml has
<Configure id="Server"
class="org.eclipse.jetty.server.Server">
<Call name="addBean">
<Arg>
<New
class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">Test Realm</Set>
<Set name="config"><Property
name="jetty.demo.realm"
default="etc/realm.properties"/></Set>
<Set name="refreshInterval">0</Set>
</New>
</Arg>
</Call>
<Get class="org.eclipse.jetty.util.log.Log"
name="rootLogger">
<Call name="warn"><Arg>demo test-realm is
deployed. DO NOT USE IN PRODUCTION!</Arg></Call>
</Get>
</Configure>
And on startup I see:
2015-10-01 12:50:39.793:WARN::main: demo test-realm is deployed.
DO NOT USE IN PRODUCTION!
2015-10-01 12:50:40.203:WARN:oejw.WebAppContext:main: Failed
startup of context
o.e.j.w.WebAppContext@234bef66{/,
file:///Users/priot/pr/jetty-base/webapps/ROOT/,STARTING}{/ROOT}
java.lang.IllegalStateException: No LoginService for
org.eclipse.jetty.security.authentication.BasicAuthenticator@47db50c5
in org.eclipse.jetty.security.ConstraintSecurityHandler@5c072e3f
at
org.eclipse.jetty.security.authentication.LoginAuthenticator.setConfiguration(LoginAuthenticator.java:76)
at
org.eclipse.jetty.security.SecurityHandler.doStart(SecurityHandler.java:354)
at
org.eclipse.jetty.security.ConstraintSecurityHandler.doStart(ConstraintSecurityHandler.java:448)
So there seems to be a bug in docs or code since the
HashLoginService setup is quietly consumed but seems to have no
effect.
And in case anyone is still reading, once again, is the
"jetty.demo.realm" supposed to mean anything or match anything???
<Property name="jetty.demo.realm"
default="etc/realm.properties"/>
Thanks,
Bill
On 9/30/2015 1:29 AM, Jan Bartel wrote: