Contact the core Jetty developers at www.webtide.com
private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services from 1 day to full product delivery
DOCUMENTATION: Jetty 6 - this wiki. Jetty 7 - at Eclipse. Jetty8 - at Eclipse. Jetty 9 - at Eclipse.

Authentication on Embedded Jetty:
This example sets up Basic Authentication on the context "/mywebapp".

In your webapp's WEB-INF/web.xml:

<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>A Protected Page</web-resource-name>
      <!-- you can include specific files/urls individually, e.g. <url-pattern>/mywelcomepage.html</url-pattern> -->
      <url-pattern>/*</url-pattern>
    </web-resource-collection>

    <auth-constraint>
      <role-name>admin</role-name>
      <role-name>user</role-name>
      <role-name>moderator</role-name>
    </auth-constraint>
  </security-constraint>

  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>MyRealm</realm-name>
  </login-config>
</web-app>

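Next, in the code that sets up your WebAppContext:

import org.mortbay.jetty.Connector;
import org.mortbay.jetty.Handler;
import org.mortbay.jetty.Server;
import org.mortbay.jetty.handler.DefaultHandler;
import org.mortbay.jetty.handler.HandlerCollection;
import org.mortbay.jetty.nio.SelectChannelConnector;
import org.mortbay.jetty.security.HashUserRealm;
import org.mortbay.jetty.security.UserRealm;
import org.mortbay.jetty.webapp.WebAppContext;

Server server = new Server();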

Connector connector = new SelectChannelConnector();
connector.setPort(8080);
server.setConnectors(new Connector[]{connector});

WebAppContext webappcontext = new WebAppContext();
webappcontext.setContextPath("/mywebapp");
webappcontext.setWar("./path/to/my/war/orExplodedwar");

HandlerCollection handlers= new HandlerCollection();
handlers.setHandlers(new Handler[]{webappcontext, new DefaultHandler()});

server.setHandler(handlers);
HashUserRealm myrealm = new HashUserRealm("MyRealm","C:/jetty-6.0.1/etc/realm.properties"); // org.mortbay.jetty.security.HashUserRealm
server.setUserRealms(new UserRealm[]{myrealm}); // org.mortbay.jetty.security.UserRealm

server.start();
server.join();

In JETTY_HOME/etc/realm.properties:

You will see the format:
<username>:<password>,role ... Notice that the password contains another ":" for the users "jetty", "admin" and "other". It's the hash of the actual password.

Since the roles we placed in web.xml are admin, user, moderator, ...
the user/pass pairs with access are:
jetty/jetty
admin/admin

You can then append a new user/pass and role to realm.properties, for example:
newUser: newPass,moderator

So when you test on http://localhost:8080/mywebapp
you will be prompted to supply the user/pass for Basic Authentication. Any of admin/admin, jetty/jetty or newUser/newPass will get you authenticated.
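
The realm.properties format described above can be audited before deployment. The following is an added example, not code from the original page or from the Jetty project: it reads entries in the <username>: <password>,role format, reports which users hold a role allowed by the constraint, and flags how each password is stored. The MD5:, CRYPT: and OBF: prefixes are the ones Jetty recognises (they are not listed on the page), and the sample file content is constructed.

```python
import hashlib
import re

# Roles named in the page's <auth-constraint> / constraint.setRoles(...)
ALLOWED_ROLES = {"admin", "user", "moderator"}

# Constructed sample in the realm.properties format (values are made up).
SAMPLE = "\n".join([
    "# constructed sample, not a real realm file",
    "jetty: MD5:" + hashlib.md5(b"jetty").hexdigest() + ",user",
    "admin: CRYPT:constructedValue,server-administrator,admin",
    "other: OBF:constructedValue",
    "newUser: newPass,moderator",
])

def parse_realm(text):
    """Return {username: (credential, set_of_roles)}.

    Simplified reader: one entry per line, '#' or '!' comments,
    no escapes or line continuations.
    """
    users = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        # The key ends at the first ':' or '='; a later ':' belongs to the value.
        parts = re.split(r"[:=]", line, maxsplit=1)
        if len(parts) != 2:
            continue
        name, value = parts[0].strip(), parts[1].strip()
        # Everything before the first ',' is the credential, the rest are roles.
        credential, _, roles = value.partition(",")
        users[name] = (credential.strip(),
                       {r.strip() for r in roles.split(",") if r.strip()})
    return users

def storage_kind(credential):
    """Classify how the credential is stored, by its prefix."""
    if credential.startswith(("MD5:", "CRYPT:")):
        return "hashed"
    if credential.startswith("OBF:"):
        return "obfuscated"  # reversible encoding, not a hash
    return "plaintext"

def audit(text, allowed_roles=ALLOWED_ROLES):
    """Return sorted (user, storage_kind, passes_constraint) tuples."""
    return sorted((name, storage_kind(cred), bool(roles & allowed_roles))
                  for name, (cred, roles) in parse_realm(text).items())
```

An entry such as "newUser: newPass,moderator" is reported as plaintext with access, which is the case worth reviewing before the realm file is shared or checked in.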

-----------------------------------------------------------------------------------------------------------------------

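Authentication done programmatically (without web.xml config)

import org.mortbay.jetty.Connector;
import org.mortbay.jetty.Handler;
import org.mortbay.jetty.Server;
import org.mortbay.jetty.handler.DefaultHandler;
import org.mortbay.jetty.handler.HandlerCollection;
import org.mortbay.jetty.nio.SelectChannelConnector;
import org.mortbay.jetty.security.*;
import org.mortbay.jetty.webapp.WebAppContext;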

Server server = new Server();

Connector connector = new SelectChannelConnector();
connector.setPort(8080);
server.setConnectors(new Connector[]{connector});

Constraint constraint = new Constraint();
constraint.setName(Constraint.__BASIC_AUTH);
constraint.setRoles(new String[]{"user","admin","moderator"});
constraint.setAuthenticate(true);

ConstraintMapping cm = new ConstraintMapping();
cm.setConstraint(constraint);
cm.setPathSpec("/*"); 

SecurityHandler sh = new SecurityHandler();
sh.setUserRealm(new HashUserRealm("MyRealm","./path/to/my/realm.properties"));
sh.setConstraintMappings(new ConstraintMapping[]{cm});

WebAppContext webappcontext = new WebAppContext();       
webappcontext.setContextPath("/mywebapp");     
webappcontext.setWar("./path/to/my/war/orExplodedwar");
webappcontext.addHandler(sh);

HandlerCollection handlers= new HandlerCollection();
handlers.setHandlers(new Handler[]{webappcontext, new DefaultHandler()});

server.setHandler(handlers);
server.start();
server.join();
