[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [jetty-users] Authentication in embedded Jetty7
|
Hello again
I'm still searching for the right incantation to require digest
authentication in embedded Jetty 7. I created a constraint with the
name "DIGEST" but the result is that the browser uses BASIC
authentication, successfully. How can I force it to use DIGEST? Here
is the code that sets up the constraint and starts the server:
Constraint constraint = new Constraint();
constraint.setName(Constraint.__DIGEST_AUTH);
constraint.setRoles(new String[]{"admin"});
constraint.setAuthenticate(true);
ConstraintMapping cm = new ConstraintMapping();
cm.setConstraint(constraint);
cm.setPathSpec("/*");
ConstraintSecurityHandler csh = new ConstraintSecurityHandler();
csh.setLoginService(new HashLoginService("Test Realm2",
"/tmp/realm.properties"));
csh.setConstraintMappings(new ConstraintMapping[]{cm});
csh.setStrict(true);
wac = new WebAppContext();
wac.setContextPath("/");
wac.setSecurityHandler(csh);
wac.setWar(
(getClass().getClassLoader().getResource
("war/blahblah").toExternalForm());
jetty = new Server(httpPort);
jetty.setHandler(wac);
jetty.start();
The realm.properties file contains:
digested: MD5:e44ac848b54053adeef5fc47d1aadb36,admin
When I access my web application, Firefox prompts for user&password, and
I give digested's credentials. The resulting auth header is
Authorization: Basic ZGlnZXN0ZWQ6ZGlnZXN0ZWQ=
I must be misunderstanding the API in some way. Can one of you point
out my mistake? I'm using Jetty 7.4.0.v20110414. Thanks in advance!
-- Guy Hillyer
