Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] UserRealm -> LoginService, jetty6 -> jetty7 
Hello again,

Rereading the updated documentation I realize I need to do WebAppContext.getSecurityHandler().setLoginService(new MyHashLoginService("realm")); Which seem to work in a way since I can see the "MyHashLoginService" getting loaded at startup. However, it isn't called when i load a page from the context. Apart from the xml below and the setLoginService herein, what more is there to it?

I understand a lot of changes have been made to the authentication functions in jetty 7 from jetty 6, but I have a real hard time finding documentatoin and examples even though jetty 7 is stable since a while back, so all help and pointers on this topic is greatly appreciated! 

//Gustav


5 mar 2010 kl. 18.04 skrev Gustav Olsson:

> Thank you Jan,
> 
> I'm creating the WebAppContext (and Service instance) programmatically and previously did that with the security as well. When looking at the documentation you just updated (thanks!), it looks as if I should be able to use WebAppContext.setSecurityHandler for adding the security handler. But this takes a SecurityHandler as an agrument, where in my case I have my own class extending MappedLoginService (just as HashLoginService does). For reference, this is how I did it previously:
> 
> Constraint constraint = new Constraint();
> constraint.setName(Constraint.__DIGEST_AUTH);;
> constraint.setRoles(new String[]{"users"});
> constraint.setAuthenticate(true);
> 
> ConstraintMapping cm = new ConstraintMapping();
> cm.setConstraint(constraint);
> cm.setPathSpec("/*");
> 
> SecurityHandler sh = new SecurityHandler();
> sh.setUserRealm(new HashUserRealm("Protected resource","src/main/resources/realm.properties"));
> sh.setConstraintMappings(new ConstraintMapping[]{cm});
> 
> webContext.addHandler(sh);
> 
> HandlerCollection handlers= new HandlerCollection();
> handlers.setHandlers(new Handler[]{webContext, new DefaultHandler()});
> 
> Is there any way of doing this programmatically still or do i need to convert my jetty configuration to xml?
> 
> Thanks in advance!
> //Gustav
> 
> 5 mar 2010 kl. 16.29 skrev Jan Bartel:
> 
>> Gustav,
>> 
>> Here's an example from the jetty-7 distro etc/jetty.xml file:
>> 
>>  <Call name="addBean">
>>    <Arg>
>>      <New class="org.eclipse.jetty.security.HashLoginService">
>>        <Set name="name">Test Realm</Set>
>>        <Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set>
>>        <Set name="refreshInterval">0</Set>
>>      </New>
>>    </Arg>
>>  </Call>
>> 
>> I just discovered the doco on the Eclipse wiki is wrong on this, so
>> I'm fixing it now.
>> 
>> cheers
>> Jan
>> 
>> Gustav Olsson wrote:
>>> Hi all,
>>> After upgrading from jetty6 to jetty7 I'm having some difficulties getting the DIGEST authentication I used in jetty6 to work in jetty7. The method Server.setUserRealms(UserRealm[]) is gone and I simply cannot find out how to bind my LoginService to the WebAppContext or server.
>>> The web.xml is attached. Previously, all i hade to do was create an instance of a JDBCUserRealm and add it with the Server.setUserRealms(new UserRealm[]{<jdbcur>) to get it to kick in. With that method gone and all howtos covering jetty6 I cannot find out how to bind the JDBCUserRealm to the server/webapp. This is driving me nuts and all help is appreciated!
>>> <web-app>
>>>       <servlet>
>>>               <servlet-name>name</servlet-name>
>>>               <servlet-class>SecureServlet</servlet-class>
>>>       </servlet>
>>>               <servlet-mapping>
>>>               <servlet-name>name</servlet-name>
>>>               <url-pattern>/</url-pattern>
>>>       </servlet-mapping>
>>>       <security-constraint>
>>>               <web-resource-collection>
>>>                       <web-resource-name>ResourceName</web-resource-name>
>>>                       <url-pattern>/*</url-pattern>
>>>               </web-resource-collection>
>>>               <auth-constraint>
>>>                       <role-name>role</role-name>
>>>               </auth-constraint>
>>>       </security-constraint>
>>>               <login-config>
>>>               <auth-method>DIGEST</auth-method>
>>>               <realm-name>TheRealm</realm-name>
>>>       </login-config>
>>>               <security-role>
>>>               <role-name>role</role-name>
>>>       </security-role>
>>> </web-app>
>>> Thanks in advance!
>>> //Gustav
>>> _______________________________________________
>>> jetty-users mailing list
>>> jetty-users@xxxxxxxxxxx
>>> https://dev.eclipse.org/mailman/listinfo/jetty-users
>> 
>> -- 
>> Jan Bartel, Webtide LLC | janb@xxxxxxxxxxx | http://www.webtide.com
>> _______________________________________________
>> jetty-users mailing list
>> jetty-users@xxxxxxxxxxx
>> https://dev.eclipse.org/mailman/listinfo/jetty-users
> 
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/jetty-users

Back to the top