Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] How to use a login form with Jetty 9?
Thanks, 

To use only the WebAppContext is a good solution

This is the code I've finally used:

// Creating the server on port webPort
m_server = new Server(webPort);

// get the path for the authentication settings
// it should be in the same folder than the platform location
File configFile = new File(System.getProperty("com.bnpp.firefly.configfile"));
File authConfigFile = new File(configFile.getParent(), "auth.properties");
// set the login service
LoginService loginService = new org.eclipse.jetty.security.JDBCLoginService("MyRealm", authConfigFile.getPath());
ConstraintSecurityHandler security = new ConstraintSecurityHandler();

// no authentication for these items
{
    Constraint constraint = new Constraint();
    constraint.setAuthenticate(false);

    for (String pathSpec: new String[] {
            "/images/*",
            "/css/*",
            "/lib/*",
        })
    {
        ConstraintMapping mapping = new ConstraintMapping();
        mapping.setPathSpec(pathSpec);
        mapping.setConstraint(constraint);
        security.addConstraintMapping(mapping);
    }
}

// must have authentication for the rest
{
    Constraint constraint = new Constraint();
    constraint.setName(Constraint.__FORM_AUTH);
    constraint.setAuthenticate(true);
    constraint.setRoles(new String[] { "user", "admin" });

    ConstraintMapping mapping = new ConstraintMapping();
    mapping.setPathSpec("/*");
    mapping.setConstraint(constraint);
    security.addConstraintMapping(mapping);
}

security.setLoginService(loginService);

FormAuthenticator authenticator = new FormAuthenticator("/html/login.html", "/html/login.html?error=true", false);
security.setAuthenticator(authenticator);

// the JSP part
WebAppContext webAppContext = new WebAppContext();
//webAppContext.setContextPath("/");
webAppContext.setResourceBase("www");
webAppContext.setInitParameter("dirAllowed", "false");

//Including the JSTL jars for the webapp.
webAppContext.setAttribute("org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern",".*/[^/]*jstl.*\\.jar$");

//Enabling the Annotation based configuration
org.eclipse.jetty.webapp.Configuration.ClassList classlist = org.eclipse.jetty.webapp.Configuration.ClassList.setServerDefault(m_server);
classlist.addAfter("org.eclipse.jetty.webapp.FragmentConfiguration", "org.eclipse.jetty.plus.webapp.EnvConfiguration", "org.eclipse.jetty.plus.webapp.PlusConfiguration");
classlist.addBefore("org.eclipse.jetty.webapp.JettyWebXmlConfiguration", "org.eclipse.jetty.annotations.AnnotationConfiguration");

webAppContext.addServlet(new ServletHolder(new QueryGlobals()), "/queries/globals");
webAppContext.addServlet(new ServletHolder(new QueryAllVenues()), "/queries/all_venues");
webAppContext.addServlet(new ServletHolder(new QuerySearchCSV()), "/queries/searchCSV");
webAppContext.addServlet(new ServletHolder(new QuerySearchWithPaging()), "/queries/searchWithPaging");
webAppContext.setWelcomeFiles(new String [] {"html/dashboard.html"});

// this will set authentication
webAppContext.setSecurityHandler(security);
webAppContext.getSessionHandler().setMaxInactiveInterval(24 * 60 * 60);

// what the server serves
m_server.setHandler(webAppContext);

m_server.start();



On 4 August 2017 at 06:17, Serge Weinstock <serge.weinstock@xxxxxxxxx> wrote:

I've just added authentication to my embedded jetty 9 web server. I'm using the JDBCLoginService and everything works fine.

 

I now want to add a login page. But I can’t get it working: when the FormAuthenticator.validate() method is called, it's trying to get an HTTPsession and none is found.

 

I've been trying to create Sessions but I've been unable to find the correct API. Can someone give me an example?

 

This is my code:

 

// the file server part

ResourceHandler resource_handler = new ResourceHandler();

resource_handler.setDirectoriesListed(false);

resource_handler.setResourceBase("www");

resource_handler.setDirectoriesListed(false);

resource_handler.setWelcomeFiles(new String[]{ "html/dashboard.html" });

// the JSP part

WebAppContext webAppContext = new WebAppContext();

webAppContext.setResourceBase("www");

webAppContext.setInitParameter("dirAllowed", "false");

webAppContext.addServlet(new ServletHolder(new QueryGlobals()), "/queries/globals");

webAppContext.addServlet(new ServletHolder(new QueryAllVenues()), "/queries/all_venues");

HandlerList handlers = new HandlerList();

handlers.setHandlers(new Handler[] {

        // static files

        resource_handler,

        // servlets

        webAppContext,

        // 404

        new DefaultHandler()

    });

// get the path for the authentication settings

// it should be in the same folder than the platform location

File configFile = new File(System.getProperty("com.bnpp.firefly.configfile"));

File authConfigFile = new File(configFile.getParent(), "auth.properties");

LoginService loginService = new org.eclipse.jetty.security.JDBCLoginService("MyRealm", authConfigFile.getPath());

m_server.addBean(loginService);

 

ConstraintSecurityHandler security = new ConstraintSecurityHandler();

Constraint constraint = new Constraint();

constraint.setName(Constraint.__FORM_AUTH);

constraint.setAuthenticate(true);

constraint.setRoles(new String[] { "user", "admin" });

 

ConstraintMapping mapping = new ConstraintMapping();

mapping.setPathSpec("/*");

mapping.setConstraint(constraint);

 

security.addConstraintMapping(mapping);

FormAuthenticator authenticator = new FormAuthenticator("/html/login.html", "/html/login.html", false);

security.setAuthenticator(authenticator);

security.setLoginService(loginService);

 

 

security.setHandler(handlers);

m_server.setHandler(security);

 

 

m_server.start();

 

Thanks

Serge



Back to the top