Examples with ConstraintMapping org.eclipse.jetty.security.ConstraintMapping used on opensource projects

Example 6 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project jetty.project by eclipse.

the class DigestPostTest method setUpServer.

@BeforeClass
public static void setUpServer() {
    try {
        _server = new Server();
        _server.setConnectors(new Connector[] { new ServerConnector(_server) });
        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SECURITY);
        context.setContextPath("/test");
        context.addServlet(PostServlet.class, "/");
        TestLoginService realm = new TestLoginService("test");
        realm.putUser("testuser", new Password("password"), new String[] { "test" });
        _server.addBean(realm);
        ConstraintSecurityHandler security = (ConstraintSecurityHandler) context.getSecurityHandler();
        security.setAuthenticator(new DigestAuthenticator());
        security.setLoginService(realm);
        Constraint constraint = new Constraint("SecureTest", "test");
        constraint.setAuthenticate(true);
        ConstraintMapping mapping = new ConstraintMapping();
        mapping.setConstraint(constraint);
        mapping.setPathSpec("/*");
        security.setConstraintMappings(Collections.singletonList(mapping));
        HandlerCollection handlers = new HandlerCollection();
        handlers.setHandlers(new Handler[] { context, new DefaultHandler() });
        _server.setHandler(handlers);
        _server.start();
    } catch (final Exception e) {
        e.printStackTrace();
    }
}

Example 7 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project camel by apache.

the class HttpAuthMethodPriorityTest method getSecurityHandler.

private SecurityHandler getSecurityHandler() throws IOException {
    Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, "user");
    constraint.setAuthenticate(true);
    ConstraintMapping cm = new ConstraintMapping();
    cm.setPathSpec("/*");
    cm.setConstraint(constraint);
    ConstraintSecurityHandler sh = new ConstraintSecurityHandler();
    sh.setAuthenticator(new BasicAuthenticator());
    sh.setConstraintMappings(Arrays.asList(new ConstraintMapping[] { cm }));
    HashLoginService loginService = new HashLoginService("MyRealm", "src/test/resources/myRealm.properties");
    sh.setLoginService(loginService);
    sh.setConstraintMappings(Arrays.asList(new ConstraintMapping[] { cm }));
    return sh;
}

Example 8 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project camel by apache.

the class JettyTestServer method basicAuth.

private SecurityHandler basicAuth(String username, String password, String realm) {
    HashLoginService l = new HashLoginService();
    l.putUser(username, Credential.getCredential(password), new String[] { "user" });
    l.setName(realm);
    Constraint constraint = new Constraint();
    constraint.setName(Constraint.__BASIC_AUTH);
    constraint.setRoles(new String[] { "user" });
    constraint.setAuthenticate(true);
    ConstraintMapping cm = new ConstraintMapping();
    cm.setConstraint(constraint);
    cm.setPathSpec("/*");
    ConstraintSecurityHandler csh = new ConstraintSecurityHandler();
    csh.setAuthenticator(new BasicAuthenticator());
    csh.setRealmName("myrealm");
    csh.addConstraintMapping(cm);
    csh.setLoginService(l);
    return csh;
}

Example 9 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project opennms by OpenNMS.

the class JUnitServer method initializeServerWithConfig.

protected void initializeServerWithConfig(final JUnitHttpServer config) {
    Server server = null;
    if (config.https()) {
        server = new Server();
        // SSL context configuration
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStorePath(config.keystore());
        sslContextFactory.setKeyStorePassword(config.keystorePassword());
        sslContextFactory.setKeyManagerPassword(config.keyPassword());
        sslContextFactory.setTrustStorePath(config.keystore());
        sslContextFactory.setTrustStorePassword(config.keystorePassword());
        // HTTP Configuration
        HttpConfiguration http_config = new HttpConfiguration();
        http_config.setSecureScheme("https");
        http_config.setSecurePort(config.port());
        http_config.setOutputBufferSize(32768);
        http_config.setRequestHeaderSize(8192);
        http_config.setResponseHeaderSize(8192);
        http_config.setSendServerVersion(true);
        http_config.setSendDateHeader(false);
        // SSL HTTP Configuration
        HttpConfiguration https_config = new HttpConfiguration(http_config);
        https_config.addCustomizer(new SecureRequestCustomizer());
        // SSL Connector
        ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config));
        sslConnector.setPort(config.port());
        server.addConnector(sslConnector);
    } else {
        server = new Server(config.port());
    }
    m_server = server;
    final ContextHandler context1 = new ContextHandler();
    context1.setContextPath("/");
    context1.setWelcomeFiles(new String[] { "index.html" });
    context1.setResourceBase(config.resource());
    context1.setClassLoader(Thread.currentThread().getContextClassLoader());
    context1.setVirtualHosts(config.vhosts());
    final ContextHandler context = context1;
    Handler topLevelHandler = null;
    final HandlerList handlers = new HandlerList();
    if (config.basicAuth()) {
        // check for basic auth if we're configured to do so
        LOG.debug("configuring basic auth");
        final HashLoginService loginService = new HashLoginService("MyRealm", config.basicAuthFile());
        loginService.setHotReload(true);
        m_server.addBean(loginService);
        final ConstraintSecurityHandler security = new ConstraintSecurityHandler();
        final Set<String> knownRoles = new HashSet<>();
        knownRoles.add("user");
        knownRoles.add("admin");
        knownRoles.add("moderator");
        final Constraint constraint = new Constraint();
        constraint.setName("auth");
        constraint.setAuthenticate(true);
        constraint.setRoles(knownRoles.toArray(new String[0]));
        final ConstraintMapping mapping = new ConstraintMapping();
        mapping.setPathSpec("/*");
        mapping.setConstraint(constraint);
        security.setConstraintMappings(Collections.singletonList(mapping), knownRoles);
        security.setAuthenticator(new BasicAuthenticator());
        security.setLoginService(loginService);
        security.setRealmName("MyRealm");
        security.setHandler(context);
        topLevelHandler = security;
    } else {
        topLevelHandler = context;
    }
    final Webapp[] webapps = config.webapps();
    if (webapps != null) {
        for (final Webapp webapp : webapps) {
            final WebAppContext wac = new WebAppContext();
            String path = null;
            if (!"".equals(webapp.pathSystemProperty()) && System.getProperty(webapp.pathSystemProperty()) != null) {
                path = System.getProperty(webapp.pathSystemProperty());
            } else {
                path = webapp.path();
            }
            if (path == null || "".equals(path)) {
                throw new IllegalArgumentException("path or pathSystemProperty of @Webapp points to a null or blank value");
            }
            wac.setWar(path);
            wac.setContextPath(webapp.context());
            handlers.addHandler(wac);
        }
    }
    final ResourceHandler rh = new ResourceHandler();
    rh.setWelcomeFiles(new String[] { "index.html" });
    rh.setResourceBase(config.resource());
    handlers.addHandler(rh);
    // fall through to default
    handlers.addHandler(new DefaultHandler());
    context.setHandler(handlers);
    m_server.setHandler(topLevelHandler);
}

Example 10 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project pentaho-kettle by pentaho.

the class WebServer method startServer.

public void startServer() throws Exception {
    server = new Server();
    List<String> roles = new ArrayList<>();
    roles.add(Constraint.ANY_ROLE);
    // Set up the security handler, optionally with JAAS
    // 
    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    if (System.getProperty("loginmodulename") != null && System.getProperty("java.security.auth.login.config") != null) {
        JAASLoginService jaasLoginService = new JAASLoginService(SERVICE_NAME);
        jaasLoginService.setLoginModuleName(System.getProperty("loginmodulename"));
        securityHandler.setLoginService(jaasLoginService);
    } else {
        roles.add(DEFAULT_ROLE);
        HashLoginService hashLoginService;
        SlaveServer slaveServer = transformationMap.getSlaveServerConfig().getSlaveServer();
        if (!Utils.isEmpty(slaveServer.getPassword())) {
            hashLoginService = new HashLoginService(SERVICE_NAME);
            UserStore userStore = new UserStore();
            userStore.addUser(slaveServer.getUsername(), new Password(slaveServer.getPassword()), new String[] { DEFAULT_ROLE });
            hashLoginService.setUserStore(userStore);
        } else {
            // See if there is a kettle.pwd file in the KETTLE_HOME directory:
            if (Utils.isEmpty(passwordFile)) {
                File homePwdFile = new File(Const.getKettleCartePasswordFile());
                if (homePwdFile.exists()) {
                    passwordFile = Const.getKettleCartePasswordFile();
                } else {
                    passwordFile = Const.getKettleLocalCartePasswordFile();
                }
            }
            hashLoginService = new HashLoginService(SERVICE_NAME, passwordFile) {

                @Override
                protected String[] loadRoleInfo(UserPrincipal user) {
                    List<String> newRoles = new ArrayList<>();
                    newRoles.add(DEFAULT_ROLE);
                    String[] roles = super.loadRoleInfo(user);
                    if (null != roles) {
                        Collections.addAll(newRoles, roles);
                    }
                    return newRoles.toArray(new String[0]);
                }
            };
        }
        securityHandler.setLoginService(hashLoginService);
    }
    Constraint constraint = new Constraint();
    constraint.setName(Constraint.__BASIC_AUTH);
    constraint.setRoles(roles.toArray(new String[0]));
    constraint.setAuthenticate(true);
    ConstraintMapping constraintMapping = new ConstraintMapping();
    constraintMapping.setConstraint(constraint);
    constraintMapping.setPathSpec("/*");
    securityHandler.setConstraintMappings(new ConstraintMapping[] { constraintMapping });
    // Add all the servlets defined in kettle-servlets.xml ...
    // 
    ContextHandlerCollection contexts = new ContextHandlerCollection();
    // Root
    // 
    ServletContextHandler root = new ServletContextHandler(contexts, GetRootServlet.CONTEXT_PATH, ServletContextHandler.SESSIONS);
    GetRootServlet rootServlet = new GetRootServlet();
    rootServlet.setJettyMode(true);
    root.addServlet(new ServletHolder(rootServlet), "/*");
    PluginRegistry pluginRegistry = PluginRegistry.getInstance();
    List<PluginInterface> plugins = pluginRegistry.getPlugins(CartePluginType.class);
    for (PluginInterface plugin : plugins) {
        CartePluginInterface servlet = pluginRegistry.loadClass(plugin, CartePluginInterface.class);
        servlet.setup(transformationMap, jobMap, socketRepository, detections);
        servlet.setJettyMode(true);
        ServletContextHandler servletContext = new ServletContextHandler(contexts, getContextPath(servlet), ServletContextHandler.SESSIONS);
        ServletHolder servletHolder = new ServletHolder((Servlet) servlet);
        servletContext.addServlet(servletHolder, "/*");
    }
    // setup jersey (REST)
    ServletHolder jerseyServletHolder = new ServletHolder(ServletContainer.class);
    jerseyServletHolder.setInitParameter("com.sun.jersey.config.property.resourceConfigClass", "com.sun.jersey.api.core.PackagesResourceConfig");
    jerseyServletHolder.setInitParameter("com.sun.jersey.config.property.packages", "org.pentaho.di.www.jaxrs");
    root.addServlet(jerseyServletHolder, "/api/*");
    // setup static resource serving
    // ResourceHandler mobileResourceHandler = new ResourceHandler();
    // mobileResourceHandler.setWelcomeFiles(new String[]{"index.html"});
    // mobileResourceHandler.setResourceBase(getClass().getClassLoader().
    // getResource("org/pentaho/di/www/mobile").toExternalForm());
    // Context mobileContext = new Context(contexts, "/mobile", Context.SESSIONS);
    // mobileContext.setHandler(mobileResourceHandler);
    // Allow png files to be shown for transformations and jobs...
    // 
    ResourceHandler resourceHandler = new ResourceHandler();
    resourceHandler.setResourceBase("temp");
    // add all handlers/contexts to server
    // set up static servlet
    ServletHolder staticHolder = new ServletHolder("static", DefaultServlet.class);
    // resourceBase maps to the path relative to where carte is started
    staticHolder.setInitParameter("resourceBase", "./static/");
    staticHolder.setInitParameter("dirAllowed", "true");
    staticHolder.setInitParameter("pathInfoOnly", "true");
    root.addServlet(staticHolder, "/static/*");
    HandlerList handlers = new HandlerList();
    handlers.setHandlers(new Handler[] { resourceHandler, contexts });
    securityHandler.setHandler(handlers);
    server.setHandler(securityHandler);
    // Start execution
    createListeners();
    server.start();
}