Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] JDBCLoginService without a config file

I found it to be easier to provide your own MappedLoginService that makes the JDBC calls for Jetty. That way you're not constrained by the default table/column names that Jetty expects. Also, you only have to define your data source for the database connection in one central location in your application versus adding a separate one for Jetty. Not to mention that you could allow another service to load users that's not database specific (like JPA). All you need to do is add your login service to a org.eclipse.jetty.security.ConstraintSecurityHandler#setLoginService method.

 

import org.eclipse.jetty.security.MappedLoginService;

import org.eclipse.jetty.server.UserIdentity;

import org.eclipse.jetty.util.security.Credential;

 

public class MyLoginService extends MappedLoginService {

                public MyLoginService() {

                                setName("My Realm Name");

                }

                @Override

                protected UserIdentity loadUser(final String username) {

                                // make service call that will look up a user by username

                                final User user = makeServiceCalltoJdbcHere.getUser(username);

                                final Credential cred = Credential.getCredential(user.getPassword());

                                return putUser(user.getUsername(), cred, user.getRoles());

                }

                @Override

                protected void loadUsers() throws IOException {

                                // make service call to load users that will be cached by Jetty (alternatively you can call

                                // _users.clear() here if you want to use another user caching mechanism like JPA- it will cause loadUser to be called)

                                _users.putAll(loadMyUserMap());

                }

                @Override

                public UserIdentity login(final String username, final Object credentials) {

                                // do something here if you need to validate a user when they login

                                return super.login(username, credentials);

                }

                @Override

                public void logout(final UserIdentity identity) {

                                // do something here if you need to invalidate a user when they logout

                                super.logout(identity);

                }

}

 

From: jetty-users-bounces@xxxxxxxxxxx [mailto:jetty-users-bounces@xxxxxxxxxxx] On Behalf Of Li Xu
Sent: Tuesday, May 29, 2012 10:13 PM
To: jetty-users@xxxxxxxxxxx
Subject: [jetty-users] JDBCLoginService without a config file

 

Hi,

 

I'm trying to get JDBC-backed login going with my embedded Jetty. I can't find a way to programmatically set jdbc url, driver, table names, etc properties without creating a physical file. As I read the source for org.eclipse.jetty.security.JDBCLoginService, it apparently only takes a string (as the properties filename or url) as input and the doStart() method opens an InputStream to read the props. Does anyone know if there's way to avoid a file by just calling Java methods to set JDBC settings?

 

Thanks,

Li

Back to the top