private void configure() {
//prevent the server and it's version from being transmitted
HttpConfiguration httpConfiguration = new HttpConfiguration();
httpConfiguration.setSendServerVersion(false);
HttpConnectionFactory factory = new HttpConnectionFactory(httpConfiguration);
ServerConnector connector = new ServerConnector(this.server, factory);
connector.setPort(this.port);
ConstraintSecurityHandler constraintSecurityHandler = new ConstraintSecurityHandler();
Constraint constraint = new Constraint();
constraint.setAuthenticate(true);
constraint.setRoles(new String[]{"user"});
constraintSecurityHandler.setAuthenticator(new FormAuthenticator("/login", "/error", false));
ConstraintMapping constraintMapping = new ConstraintMapping();
constraintMapping.setPathSpec("/*");
constraintMapping.setConstraint(constraint);
LoginService loginService = createHashLoginService(“placeholder”);
this.server.addBean(loginService);
this.server.setSessionIdManager(new DefaultSessionIdManager(this.server));
SessionHandler sessionHandler = new SessionHandler();
sessionHandler.setUsingCookies(true);
sessionHandler.setSessionIdPathParameterName("none"); // Prevent JSESSIONID in URL.
constraintSecurityHandler.setLoginService(loginService);
constraintSecurityHandler.addConstraintMapping(constraintMapping);
this.server.addConnector(connector);
ResourceHandler resourceHandler = new ResourceHandler();
resourceHandler.setDirectoriesListed(false);
resourceHandler.setWelcomeFiles(new String[]{"index.html"});
resourceHandler.setResourceBase("web/");
ServletContextHandler servletContextHandler = this.createServletContextHandlerAndRegisterServlets(true);
constraintSecurityHandler.setHandler(resourceHandler);
HandlerList handlers = new HandlerList();
handlers.setHandlers(new Handler[]{
sessionHandler,
constraintSecurityHandler,
servletContextHandler});
this.server.setHandler(handlers);
try {
this.server.start();
this.server.dump(System.out);
}
catch (Throwable throwable) {
LOGGER.error("Error starting web server: " + throwable.getMessage(), throwable);
}
}
private static LoginService createHashLoginService(String realm) {
HashLoginService hashLoginService = new HashLoginService();
hashLoginService.setConfig("conf/realm");
hashLoginService.setHotReload(true);
hashLoginService.setName(realm);
return hashLoginService;
}