Examples with JAASLoginService org.eclipse.jetty.jaas.JAASLoginService used on opensource projects

Example 1 with JAASLoginService

use of org.eclipse.jetty.jaas.JAASLoginService in project pentaho-kettle by pentaho.

the class WebServer method startServer.

public void startServer() throws Exception {
    server = new Server();
    List<String> roles = new ArrayList<>();
    roles.add(Constraint.ANY_ROLE);
    // Set up the security handler, optionally with JAAS
    // 
    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    if (System.getProperty("loginmodulename") != null && System.getProperty("java.security.auth.login.config") != null) {
        JAASLoginService jaasLoginService = new JAASLoginService(SERVICE_NAME);
        jaasLoginService.setLoginModuleName(System.getProperty("loginmodulename"));
        securityHandler.setLoginService(jaasLoginService);
    } else {
        roles.add(DEFAULT_ROLE);
        HashLoginService hashLoginService;
        SlaveServer slaveServer = transformationMap.getSlaveServerConfig().getSlaveServer();
        if (!Utils.isEmpty(slaveServer.getPassword())) {
            hashLoginService = new HashLoginService(SERVICE_NAME);
            UserStore userStore = new UserStore();
            userStore.addUser(slaveServer.getUsername(), new Password(slaveServer.getPassword()), new String[] { DEFAULT_ROLE });
            hashLoginService.setUserStore(userStore);
        } else {
            // See if there is a kettle.pwd file in the KETTLE_HOME directory:
            if (Utils.isEmpty(passwordFile)) {
                File homePwdFile = new File(Const.getKettleCartePasswordFile());
                if (homePwdFile.exists()) {
                    passwordFile = Const.getKettleCartePasswordFile();
                } else {
                    passwordFile = Const.getKettleLocalCartePasswordFile();
                }
            }
            hashLoginService = new HashLoginService(SERVICE_NAME, passwordFile) {

                @Override
                protected String[] loadRoleInfo(UserPrincipal user) {
                    List<String> newRoles = new ArrayList<>();
                    newRoles.add(DEFAULT_ROLE);
                    String[] roles = super.loadRoleInfo(user);
                    if (null != roles) {
                        Collections.addAll(newRoles, roles);
                    }
                    return newRoles.toArray(new String[0]);
                }
            };
        }
        securityHandler.setLoginService(hashLoginService);
    }
    Constraint constraint = new Constraint();
    constraint.setName(Constraint.__BASIC_AUTH);
    constraint.setRoles(roles.toArray(new String[0]));
    constraint.setAuthenticate(true);
    ConstraintMapping constraintMapping = new ConstraintMapping();
    constraintMapping.setConstraint(constraint);
    constraintMapping.setPathSpec("/*");
    securityHandler.setConstraintMappings(new ConstraintMapping[] { constraintMapping });
    // Add all the servlets defined in kettle-servlets.xml ...
    // 
    ContextHandlerCollection contexts = new ContextHandlerCollection();
    // Root
    // 
    ServletContextHandler root = new ServletContextHandler(contexts, GetRootServlet.CONTEXT_PATH, ServletContextHandler.SESSIONS);
    GetRootServlet rootServlet = new GetRootServlet();
    rootServlet.setJettyMode(true);
    root.addServlet(new ServletHolder(rootServlet), "/*");
    PluginRegistry pluginRegistry = PluginRegistry.getInstance();
    List<PluginInterface> plugins = pluginRegistry.getPlugins(CartePluginType.class);
    for (PluginInterface plugin : plugins) {
        CartePluginInterface servlet = pluginRegistry.loadClass(plugin, CartePluginInterface.class);
        servlet.setup(transformationMap, jobMap, socketRepository, detections);
        servlet.setJettyMode(true);
        ServletContextHandler servletContext = new ServletContextHandler(contexts, getContextPath(servlet), ServletContextHandler.SESSIONS);
        ServletHolder servletHolder = new ServletHolder((Servlet) servlet);
        servletContext.addServlet(servletHolder, "/*");
    }
    // setup jersey (REST)
    ServletHolder jerseyServletHolder = new ServletHolder(ServletContainer.class);
    jerseyServletHolder.setInitParameter("com.sun.jersey.config.property.resourceConfigClass", "com.sun.jersey.api.core.PackagesResourceConfig");
    jerseyServletHolder.setInitParameter("com.sun.jersey.config.property.packages", "org.pentaho.di.www.jaxrs");
    root.addServlet(jerseyServletHolder, "/api/*");
    // setup static resource serving
    // ResourceHandler mobileResourceHandler = new ResourceHandler();
    // mobileResourceHandler.setWelcomeFiles(new String[]{"index.html"});
    // mobileResourceHandler.setResourceBase(getClass().getClassLoader().
    // getResource("org/pentaho/di/www/mobile").toExternalForm());
    // Context mobileContext = new Context(contexts, "/mobile", Context.SESSIONS);
    // mobileContext.setHandler(mobileResourceHandler);
    // Allow png files to be shown for transformations and jobs...
    // 
    ResourceHandler resourceHandler = new ResourceHandler();
    resourceHandler.setResourceBase("temp");
    // add all handlers/contexts to server
    // set up static servlet
    ServletHolder staticHolder = new ServletHolder("static", DefaultServlet.class);
    // resourceBase maps to the path relative to where carte is started
    staticHolder.setInitParameter("resourceBase", "./static/");
    staticHolder.setInitParameter("dirAllowed", "true");
    staticHolder.setInitParameter("pathInfoOnly", "true");
    root.addServlet(staticHolder, "/static/*");
    HandlerList handlers = new HandlerList();
    handlers.setHandlers(new Handler[] { resourceHandler, contexts });
    securityHandler.setHandler(handlers);
    server.setHandler(securityHandler);
    // Start execution
    createListeners();
    server.start();
}