Re: [jetty-users] UserRealm -> LoginService, jetty6 -> jetty7

[Michael Gorovoy <michael@xxxxxxxxxxx>]

Gustav,

Configuring HashLoginService is indeed a bit tricky... You should be able to use the test harness linked below that I created for Jetty HTTP Client as your guide. I'd have to admit that jetty-client module tests would be one of the last places someone will be looking for an example of how to configure their server so perhaps it going to have to be added to the embedded-jetty-examples module as time allows. 

http://dev.eclipse.org/viewcvs/index.cgi/jetty/trunk/jetty-client/src/test/java/org/eclipse/jetty/client/SecuredContentExchangeTest.java?root=RT_Jetty&view=markup

Thanks,
Michael

Michael Gorovoy / michael@xxxxxxxxxxx

On Mon, Mar 8, 2010 at 5:49 PM, Gustav Olsson <gustavolsson@xxxxxx> wrote:

Hello again,

Rereading the updated documentation I realize I need to do WebAppContext.getSecurityHandler().setLoginService(new MyHashLoginService("realm")); Which seem to work in a way since I can see the "MyHashLoginService" getting loaded at startup. However, it isn't called when i load a page from the context. Apart from the xml below and the setLoginService herein, what more is there to it?

I understand a lot of changes have been made to the authentication functions in jetty 7 from jetty 6, but I have a real hard time finding documentatoin and examples even though jetty 7 is stable since a while back, so all help and pointers on this topic is greatly appreciated!

//Gustav


5 mar 2010 kl. 18.04 skrev Gustav Olsson:

> Thank you Jan,
>
> I'm creating the WebAppContext (and Service instance) programmatically and previously did that with the security as well. When looking at the documentation you just updated (thanks!), it looks as if I should be able to use WebAppContext.setSecurityHandler for adding the security handler. But this takes a SecurityHandler as an agrument, where in my case I have my own class extending MappedLoginService (just as HashLoginService does). For reference, this is how I did it previously:
>
> Constraint constraint = new Constraint();
> constraint.setName(Constraint.__DIGEST_AUTH);;
> constraint.setRoles(new String[]{"users"});
> constraint.setAuthenticate(true);
>
> ConstraintMapping cm = new ConstraintMapping();
> cm.setConstraint(constraint);
> cm.setPathSpec("/*");
>
> SecurityHandler sh = new SecurityHandler();
> sh.setUserRealm(new HashUserRealm("Protected resource","src/main/resources/realm.properties"));
> sh.setConstraintMappings(new ConstraintMapping[]{cm});
>
> webContext.addHandler(sh);
>
> HandlerCollection handlers= new HandlerCollection();
> handlers.setHandlers(new Handler[]{webContext, new DefaultHandler()});
>
> Is there any way of doing this programmatically still or do i need to convert my jetty configuration to xml?
>
> Thanks in advance!
> //Gustav
>
> 5 mar 2010 kl. 16.29 skrev Jan Bartel:
>
>> Gustav,
>>
>> Here's an example from the jetty-7 distro etc/jetty.xml file:
>>
>>  <Call name="addBean">
>>    <Arg>
>>      <New class="org.eclipse.jetty.security.HashLoginService">
>>        <Set name="name">Test Realm</Set>
>>        <Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set>
>>        <Set name="refreshInterval">0</Set>
>>      </New>
>>    </Arg>
>>  </Call>
>>
>> I just discovered the doco on the Eclipse wiki is wrong on this, so
>> I'm fixing it now.
>>
>> cheers
>> Jan
>>
>> Gustav Olsson wrote:
>>> Hi all,
>>> After upgrading from jetty6 to jetty7 I'm having some difficulties getting the DIGEST authentication I used in jetty6 to work in jetty7. The method Server.setUserRealms(UserRealm[]) is gone and I simply cannot find out how to bind my LoginService to the WebAppContext or server.
>>> The web.xml is attached. Previously, all i hade to do was create an instance of a JDBCUserRealm and add it with the Server.setUserRealms(new UserRealm[]{<jdbcur>) to get it to kick in. With that method gone and all howtos covering jetty6 I cannot find out how to bind the JDBCUserRealm to the server/webapp. This is driving me nuts and all help is appreciated!
>>> <web-app>
>>>       <servlet>
>>>               <servlet-name>name</servlet-name>
>>>               <servlet-class>SecureServlet</servlet-class>
>>>       </servlet>
>>>               <servlet-mapping>
>>>               <servlet-name>name</servlet-name>
>>>               <url-pattern>/</url-pattern>
>>>       </servlet-mapping>
>>>       <security-constraint>
>>>               <web-resource-collection>
>>>                       <web-resource-name>ResourceName</web-resource-name>
>>>                       <url-pattern>/*</url-pattern>
>>>               </web-resource-collection>
>>>               <auth-constraint>
>>>                       <role-name>role</role-name>
>>>               </auth-constraint>
>>>       </security-constraint>
>>>               <login-config>
>>>               <auth-method>DIGEST</auth-method>
>>>               <realm-name>TheRealm</realm-name>
>>>       </login-config>
>>>               <security-role>
>>>               <role-name>role</role-name>
>>>       </security-role>
>>> </web-app>
>>> Thanks in advance!
>>> //Gustav
>>> _______________________________________________
>>> jetty-users mailing list
>>> jetty-users@xxxxxxxxxxx
>>> https://dev.eclipse.org/mailman/listinfo/jetty-users
>>
>> --
>> Jan Bartel, Webtide LLC | janb@xxxxxxxxxxx | http://www.webtide.com
>> _______________________________________________
>> jetty-users mailing list
>> jetty-users@xxxxxxxxxxx
>> https://dev.eclipse.org/mailman/listinfo/jetty-users
>
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/jetty-users

_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/jetty-users