
Example 6 with LoginConfig

use of org.apache.tomcat.util.descriptor.web.LoginConfig in project tomcat by apache.

the class TestStandardWrapper method doTest.

/**
 * Sends one request to a freshly configured embedded Tomcat and checks the outcome.
 *
 * <p>The servlet named by {@code servletClassName} is mapped to "/". When {@code useRole}
 * is set, a {@link TesterMapRealm} holding one user with one role is installed, BASIC
 * authentication is configured and the request carries a matching
 * {@code Authorization} header.
 *
 * @param servletClassName class name of the servlet to register
 * @param usePost          issue a POST instead of a GET
 * @param useRole          install the realm, the BASIC login config and send credentials
 * @param expect200        expect status 200 with body "OK"; otherwise expect status 403
 *                         with a non-empty body
 * @param denyUncovered    value handed to {@code setDenyUncoveredHttpMethods}
 * @throws Exception if starting the container or performing the request fails
 */
private void doTest(String servletClassName, boolean usePost, boolean useRole, boolean expect200, boolean denyUncovered) throws Exception {
    final Tomcat server = getTomcatInstance();
    // Empty context path and null docBase: nothing is served from the file system.
    final Context webapp = server.addContext("", null);
    webapp.setDenyUncoveredHttpMethods(denyUncovered);
    final Wrapper servlet = Tomcat.addServlet(webapp, "servlet", servletClassName);
    servlet.setAsyncSupported(true);
    webapp.addServletMappingDecoded("/", "servlet");

    if (useRole) {
        // A login config alone is not enough here: the authenticator valve is added
        // explicitly to the pipeline as well.
        final TesterMapRealm users = new TesterMapRealm();
        users.addUser("testUser", "testPwd");
        users.addUserRole("testUser", "testRole");
        webapp.setRealm(users);
        webapp.setLoginConfig(new LoginConfig("BASIC", null, null, null));
        webapp.getPipeline().addValve(new BasicAuthenticator());
    }

    server.start();

    Map<String, List<String>> requestHeaders = null;
    if (useRole) {
        // Base64 of "testUser:testPwd". Base64 is an encoding, not protection: these are
        // throw-away fixture credentials sent over plain HTTP to localhost only.
        final List<String> authorization = new ArrayList<>();
        authorization.add("Basic dGVzdFVzZXI6dGVzdFB3ZA==");
        requestHeaders = new HashMap<>();
        requestHeaders.put("Authorization", authorization);
    }

    final ByteChunk body = new ByteChunk();
    final String url = "http://localhost:" + getPort() + "/";
    final int status = usePost
            ? postUrl(null, url, body, requestHeaders, null)
            : getUrl(url, body, requestHeaders, null);

    if (!expect200) {
        // A rejected request must still carry an error body and the 403 status.
        assertTrue(body.getLength() > 0);
        assertEquals(403, status);
        return;
    }
    assertEquals("OK", body.toString());
    assertEquals(200, status);
}
Also used : Context(org.apache.catalina.Context) ServletContext(javax.servlet.ServletContext) Wrapper(org.apache.catalina.Wrapper) Tomcat(org.apache.catalina.startup.Tomcat) ByteChunk(org.apache.tomcat.util.buf.ByteChunk) ArrayList(java.util.ArrayList) HttpConstraint(javax.servlet.annotation.HttpConstraint) HttpMethodConstraint(javax.servlet.annotation.HttpMethodConstraint) TesterMapRealm(org.apache.catalina.startup.TesterMapRealm) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig) ArrayList(java.util.ArrayList) List(java.util.List)

Example 7 with LoginConfig

use of org.apache.tomcat.util.descriptor.web.LoginConfig in project tomcat by apache.

the class TestStandardContext method testBug50015.

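/**
 * Checks that servlet security constraints configured programmatically are enforced:
 * an unauthenticated request to "/bug50015" must be answered with 401 and must not
 * return the servlet's "OK" body.
 *
 * <p>The constraint itself is presumably registered by {@code Bug50015SCI}, which is
 * defined outside this method.
 *
 * @throws Exception if starting the container or performing the request fails
 */
@Test
public void testBug50015() throws Exception {
    // Set up a container
    Tomcat tomcat = getTomcatInstance();
    // No file system docBase required
    Context ctx = tomcat.addContext("", null);
    // Setup realm (fixture user "tomcat" with role "tomcat"; no credentials are sent below)
    TesterMapRealm realm = new TesterMapRealm();
    realm.addUser("tomcat", "tomcat");
    realm.addUserRole("tomcat", "tomcat");
    ctx.setRealm(realm);
    // Configure app for BASIC auth
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("BASIC");
    ctx.setLoginConfig(lc);
    ctx.getPipeline().addValve(new BasicAuthenticator());
    // Add ServletContainerInitializer
    ServletContainerInitializer sci = new Bug50015SCI();
    ctx.addServletContainerInitializer(sci, null);
    // Start the context
    tomcat.start();
    // Request the first servlet without an Authorization header
    ByteChunk bc = new ByteChunk();
    int rc = getUrl("http://localhost:" + getPort() + "/bug50015", bc, null);
    // The body check compares content. The previous assertNotSame compared object
    // references only, so it passed for any freshly built String and would not have
    // caught the protected servlet answering "OK".
    // NOTE(review): assertNotEquals reads better if it is statically imported in this file.
    assertEquals("unauthenticated request must not receive the servlet's OK body",
            Boolean.FALSE, Boolean.valueOf("OK".equals(bc.toString())));
    // Check for a 401
    assertEquals(401, rc);
}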
Also used : Context(org.apache.catalina.Context) ServletContext(javax.servlet.ServletContext) ServletContainerInitializer(javax.servlet.ServletContainerInitializer) Tomcat(org.apache.catalina.startup.Tomcat) TesterMapRealm(org.apache.catalina.startup.TesterMapRealm) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) ByteChunk(org.apache.tomcat.util.buf.ByteChunk) LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 8 with LoginConfig

use of org.apache.tomcat.util.descriptor.web.LoginConfig in project tomee by apache.

the class ConfigurationTest method autoConfig.

/**
 * Loads a {@code Configuration} from flat properties and checks that ports, directory,
 * flags, users, roles, the JAAS realm, the login config and the single security
 * constraint are all populated from them.
 */
@Test
public void autoConfig() {
    final Configuration configuration = new Configuration();
    // users.* values are plaintext fixture passwords; "**" as authRole is expected to
    // surface as getAuthenticatedUsers() == true on the built constraint (asserted below).
    configuration.loadFromProperties(new PropertiesBuilder()
            .p("http", "1234")
            .p("stop", "1235")
            .p("host", "here")
            .p("dir", "target/dirtmp")
            .p("quickSession", "false")
            .p("webResourceCached", "false")
            .p("withEjbRemote", "true")
            .p("deployOpenEjbApp", "true")
            .p("users.u1", "p1")
            .p("users.u2", "p2")
            .p("roles.admin", "u1,u2")
            .p("roles.simple", "u1")
            .p("realm", "org.apache.catalina.realm.JAASRealm")
            .p("realm.appName", "app")
            .p("realm.configFile", "configuration.jaas")
            .p("login", "")
            .p("login.realmName", "app")
            .p("login.authMethod", "BASIC")
            .p("securityConstraint", "")
            .p("securityConstraint.authConstraint", "true")
            .p("securityConstraint.authRole", "**")
            .p("securityConstraint.collection", "api:/api/*")
            .build());

    // Scalar settings
    assertEquals(1234, configuration.getHttpPort());
    assertEquals(1235, configuration.getStopPort());
    assertEquals("target/dirtmp", configuration.getDir());
    assertFalse(configuration.isQuickSession());
    assertTrue(configuration.isWithEjbRemote());
    assertTrue(configuration.isDeployOpenEjbApp());

    // Users and roles are compared as whole maps
    final HashMap<String, String> expectedUsers = new HashMap<String, String>();
    expectedUsers.put("u1", "p1");
    expectedUsers.put("u2", "p2");
    assertEquals(expectedUsers, configuration.getUsers());

    final HashMap<String, String> expectedRoles = new HashMap<String, String>();
    expectedRoles.put("admin", "u1,u2");
    expectedRoles.put("simple", "u1");
    assertEquals(expectedRoles, configuration.getRoles());

    // Realm: must be a JAASRealm carrying the realm.* properties
    assertNotNull(configuration.getRealm());
    assertTrue(JAASRealm.class.isInstance(configuration.getRealm()));
    final JAASRealm jaas = JAASRealm.class.cast(configuration.getRealm());
    assertEquals("app", jaas.getAppName());
    assertEquals("configuration.jaas", jaas.getConfigFile());

    // Login config built from the login.* properties
    assertNotNull(configuration.getLoginConfig());
    final LoginConfig login = configuration.getLoginConfig().build();
    assertEquals("app", login.getRealmName());
    assertEquals("BASIC", login.getAuthMethod());

    // Exactly one security constraint, protecting /api/* for authenticated users
    final Collection<SecurityConstaintBuilder> builders = configuration.getSecurityConstraints();
    assertNotNull(builders);
    assertEquals(1, builders.size());
    final SecurityConstraint built = builders.iterator().next().build();
    assertTrue(built.getAuthConstraint());
    assertTrue(built.getAuthenticatedUsers());
    assertEquals("/api/*", built.findCollection("api").findPatterns()[0]);
}
Also used : JAASRealm(org.apache.catalina.realm.JAASRealm) LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig) PropertiesBuilder(org.apache.openejb.testng.PropertiesBuilder) SecurityConstraint(org.apache.tomcat.util.descriptor.web.SecurityConstraint) Test(org.junit.Test)

Example 9 with LoginConfig

use of org.apache.tomcat.util.descriptor.web.LoginConfig in project tomee by apache.

the class TomcatWsRegistry method createNewContext.

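/**
 * Builds a {@link StandardContext} for a web-service endpoint and, when an authentication
 * method is requested, configures its login config, security constraints and
 * authenticator valve.
 *
 * @param classLoader        parent class loader set on the context
 * @param authMethod         {@code null} or "NONE" (no security is configured), or one of
 *                           "BASIC", "DIGEST", "CLIENT-CERT"; matched case-insensitively
 * @param transportGuarantee value passed, upper-cased, to {@code setUserConstraint};
 *                           may be {@code null}
 * @param realmName          realm name stored in the login configuration
 * @param name               context name; also the context path ("/" when {@code null},
 *                           prefixed with "/" when it does not start with one)
 * @return the configured context
 * @throws IllegalArgumentException if {@code authMethod} is none of the accepted values
 */
private static Context createNewContext(final ClassLoader classLoader, String authMethod, String transportGuarantee, final String realmName, final String name) {
    String path = name;
    if (path == null) {
        path = "/";
    }
    if (!path.startsWith("/")) {
        path = "/" + path;
    }
    final StandardContext context = new IgnoredStandardContext();
    context.setPath(path);
    context.setDocBase("");
    context.setParentClassLoader(classLoader);
    context.setDelegate(true);
    context.setName(name);
    ((TomcatWebAppBuilder) SystemInstance.get().getComponent(WebAppBuilder.class)).initJ2EEInfo(context);
    // Configure security.
    // Normalise with Locale.ROOT: the default-locale toUpperCase() maps "i" to a dotted
    // capital under e.g. a Turkish locale, so "basic", "digest", "client-cert" and
    // "confidential" would no longer match the constants they are compared against.
    if (authMethod != null) {
        authMethod = authMethod.toUpperCase(java.util.Locale.ROOT);
    }
    if (transportGuarantee != null) {
        transportGuarantee = transportGuarantee.toUpperCase(java.util.Locale.ROOT);
    }
    if (authMethod == null || "NONE".equals(authMethod)) {
    //NOPMD
    // ignore none for now as the  NonLoginAuthenticator seems to be completely hosed
    // Consequence: no login config, constraint or authenticator is installed, so the
    // returned context is unauthenticated.
    } else if ("BASIC".equals(authMethod) || "DIGEST".equals(authMethod) || "CLIENT-CERT".equals(authMethod)) {
        // Setup a login configuration
        final LoginConfig loginConfig = new LoginConfig();
        loginConfig.setAuthMethod(authMethod);
        loginConfig.setRealmName(realmName);
        context.setLoginConfig(loginConfig);
        // Setup a default Security Constraint: one per configured role, "default" when
        // the system property for this context name is not set.
        final String securityRole = SystemInstance.get().getProperty(TOMEE_JAXWS_SECURITY_ROLE_PREFIX + name, "default");
        for (final String role : securityRole.split(",")) {
            // NOTE(review): only GET and POST are listed; other HTTP methods on "/*" are
            // not covered by this constraint unless uncovered methods are denied
            // elsewhere - confirm.
            final SecurityCollection collection = new SecurityCollection();
            collection.addMethod("GET");
            collection.addMethod("POST");
            collection.addPattern("/*");
            collection.setName(role);
            // NOTE(review): the auth role is "*" for every constraint rather than the
            // individual role; presumably this means "any role declared on the context"
            // (the roles added below) - confirm this is the intended grant.
            final SecurityConstraint sc = new SecurityConstraint();
            sc.addAuthRole("*");
            sc.addCollection(collection);
            sc.setAuthConstraint(true);
            sc.setUserConstraint(transportGuarantee);
            context.addConstraint(sc);
            context.addSecurityRole(role);
        }
        // Set the proper authenticator. The former "NONE" arm was unreachable inside
        // this branch (NONE is handled above) and has been dropped.
        if ("BASIC".equals(authMethod)) {
            context.addValve(new BasicAuthenticator());
        } else if ("DIGEST".equals(authMethod)) {
            context.addValve(new DigestAuthenticator());
        } else if ("CLIENT-CERT".equals(authMethod)) {
            context.addValve(new SSLAuthenticator());
        }
        context.getPipeline().addValve(new OpenEJBValve());
    } else {
        throw new IllegalArgumentException("Invalid authMethod: " + authMethod);
    }
    return context;
}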
Also used : TomcatWebAppBuilder(org.apache.tomee.catalina.TomcatWebAppBuilder) NonLoginAuthenticator(org.apache.catalina.authenticator.NonLoginAuthenticator) TomcatWebAppBuilder(org.apache.tomee.catalina.TomcatWebAppBuilder) WebAppBuilder(org.apache.openejb.assembler.classic.WebAppBuilder) SecurityConstraint(org.apache.tomcat.util.descriptor.web.SecurityConstraint) IgnoredStandardContext(org.apache.tomee.catalina.IgnoredStandardContext) SSLAuthenticator(org.apache.catalina.authenticator.SSLAuthenticator) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) OpenEJBValve(org.apache.tomee.catalina.OpenEJBValve) DigestAuthenticator(org.apache.catalina.authenticator.DigestAuthenticator) IgnoredStandardContext(org.apache.tomee.catalina.IgnoredStandardContext) StandardContext(org.apache.catalina.core.StandardContext) LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig) SecurityCollection(org.apache.tomcat.util.descriptor.web.SecurityCollection)

Example 10 with LoginConfig

use of org.apache.tomcat.util.descriptor.web.LoginConfig in project tomcat by apache.

the class AuthenticatorBase method getRealmName.

/**
 * Resolves the realm name to present for a context.
 *
 * @param context the context whose login configuration is consulted; may be {@code null}
 * @return the realm name from the context's login configuration, or {@code REALM_NAME}
 *         when the context, its login configuration or the configured name is {@code null}
 */
protected static String getRealmName(Context context) {
    String configured = null;
    // A null context is very unlikely, but is treated like a missing login config.
    if (context != null) {
        LoginConfig loginConfig = context.getLoginConfig();
        if (loginConfig != null) {
            configured = loginConfig.getRealmName();
        }
    }
    return configured != null ? configured : REALM_NAME;
}
Also used : LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig)
