Examples with ConstraintMapping org.eclipse.jetty.security.ConstraintMapping used on opensource projects

Search in sources :

Example 36 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project hbase by apache.

the class HttpServerUtil method constrainHttpMethods.

/**
   * Add constraints to a Jetty Context to disallow undesirable Http methods.
   * @param ctxHandler The context to modify
   */
public static void constrainHttpMethods(ServletContextHandler ctxHandler) {
    Constraint c = new Constraint();
    c.setAuthenticate(true);
    ConstraintMapping cmt = new ConstraintMapping();
    cmt.setConstraint(c);
    cmt.setMethod("TRACE");
    cmt.setPathSpec("/*");
    ConstraintMapping cmo = new ConstraintMapping();
    cmo.setConstraint(c);
    cmo.setMethod("OPTIONS");
    cmo.setPathSpec("/*");
    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    securityHandler.setConstraintMappings(new ConstraintMapping[] { cmt, cmo });
    ctxHandler.setSecurityHandler(securityHandler);
}
Also used : ConstraintMapping(org.eclipse.jetty.security.ConstraintMapping) Constraint(org.eclipse.jetty.util.security.Constraint) ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler)

Example 37 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project camel by apache.

the class JettyTestServer method basicAuth.

private SecurityHandler basicAuth(String username, String password, String realm) {
    HashLoginService l = new HashLoginService();
    l.putUser(username, Credential.getCredential(password), new String[] { "user" });
    l.setName(realm);
    Constraint constraint = new Constraint();
    constraint.setName(Constraint.__BASIC_AUTH);
    constraint.setRoles(new String[] { "user" });
    constraint.setAuthenticate(true);
    ConstraintMapping cm = new ConstraintMapping();
    cm.setConstraint(constraint);
    cm.setPathSpec("/*");
    ConstraintSecurityHandler csh = new ConstraintSecurityHandler();
    csh.setAuthenticator(new BasicAuthenticator());
    csh.setRealmName("myrealm");
    csh.addConstraintMapping(cm);
    csh.setLoginService(l);
    return csh;
}
Also used : HashLoginService(org.eclipse.jetty.security.HashLoginService) ConstraintMapping(org.eclipse.jetty.security.ConstraintMapping) BasicAuthenticator(org.eclipse.jetty.security.authentication.BasicAuthenticator) Constraint(org.eclipse.jetty.util.security.Constraint) ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler)

Example 38 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project calcite-avatica by apache.

the class HttpServer method configureCommonAuthentication.

protected ConstraintSecurityHandler configureCommonAuthentication(Server server, ServerConnector connector, AvaticaServerConfiguration config, String constraintName, String[] allowedRoles, Authenticator authenticator, String realm, LoginService loginService) {
    Constraint constraint = new Constraint();
    constraint.setName(constraintName);
    constraint.setRoles(allowedRoles);
    // This is telling Jetty to not allow unauthenticated requests through (very important!)
    constraint.setAuthenticate(true);
    ConstraintMapping cm = new ConstraintMapping();
    cm.setConstraint(constraint);
    cm.setPathSpec("/*");
    ConstraintSecurityHandler sh = new ConstraintSecurityHandler();
    sh.setAuthenticator(authenticator);
    sh.setLoginService(loginService);
    sh.setConstraintMappings(new ConstraintMapping[] { cm });
    sh.setRealmName(realm);
    return sh;
}
Also used : ConstraintMapping(org.eclipse.jetty.security.ConstraintMapping) Constraint(org.eclipse.jetty.util.security.Constraint) ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler)

Example 39 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project bnd by bndtools.

the class HttpConnectorTest method startJetty.

private static Server startJetty() throws Exception {
    Server server = new Server();
    // Create the login service
    String REQUIRED_ROLE = "users";
    HashLoginService loginSvc = new HashLoginService(REQUIRED_ROLE, USER_ROLE_FILE);
    server.addBean(loginSvc);
    // Start HTTP and HTTPS connectors
    SelectChannelConnector httpConnector = new SelectChannelConnector();
    httpConnector.setPort(0);
    httpConnector.setHost(LOCALHOST);
    server.addConnector(httpConnector);
    SslSelectChannelConnector sslConnector = new SslSelectChannelConnector();
    sslConnector.setPort(0);
    sslConnector.setHost(LOCALHOST);
    SslContextFactory contextFactory = sslConnector.getSslContextFactory();
    contextFactory.setKeyStorePath(KEYSTORE_PATH);
    contextFactory.setKeyStorePassword(KEYSTORE_PASS);
    server.addConnector(sslConnector);
    // Create the resource handler to serve files
    ResourceHandler resourceHandler = new ETaggingResourceHandler();
    resourceHandler.setResourceBase(RESOURCE_BASE);
    resourceHandler.setDirectoriesListed(true);
    // Setup user role constraints
    Constraint constraint = new Constraint();
    constraint.setName(Constraint.__BASIC_AUTH);
    constraint.setRoles(new String[] { REQUIRED_ROLE });
    constraint.setAuthenticate(true);
    // Map constraints to the secured directory
    ConstraintMapping cm = new ConstraintMapping();
    cm.setConstraint(constraint);
    cm.setPathSpec(SECURED_PATH);
    // Setup the constraint handler
    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    securityHandler.setAuthMethod("BASIC");
    securityHandler.setHandler(resourceHandler);
    securityHandler.setLoginService(loginSvc);
    securityHandler.setConstraintMappings(new ConstraintMapping[] { cm });
    // Finally!! Start the server
    server.setHandler(securityHandler);
    server.start();
    while (!server.isRunning()) {
        Thread.sleep(10);
    }
    HTTP_PORT = httpConnector.getLocalPort();
    HTTPS_PORT = sslConnector.getLocalPort();
    assertNotSame(Integer.valueOf(0), Integer.valueOf(HTTP_PORT));
    assertNotSame(Integer.valueOf(-1), Integer.valueOf(HTTP_PORT));
    assertNotSame(Integer.valueOf(0), Integer.valueOf(HTTPS_PORT));
    assertNotSame(Integer.valueOf(-1), Integer.valueOf(HTTPS_PORT));
    assertNotSame(Integer.valueOf(HTTP_PORT), Integer.valueOf(HTTPS_PORT));
    return server;
}
Also used : HashLoginService(org.eclipse.jetty.security.HashLoginService) SslSelectChannelConnector(org.eclipse.jetty.server.ssl.SslSelectChannelConnector) SelectChannelConnector(org.eclipse.jetty.server.nio.SelectChannelConnector) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) ConstraintMapping(org.eclipse.jetty.security.ConstraintMapping) Server(org.eclipse.jetty.server.Server) ETaggingResourceHandler(test.http.ETaggingResourceHandler) Constraint(org.eclipse.jetty.util.security.Constraint) ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler) ResourceHandler(org.eclipse.jetty.server.handler.ResourceHandler) ETaggingResourceHandler(test.http.ETaggingResourceHandler) SslSelectChannelConnector(org.eclipse.jetty.server.ssl.SslSelectChannelConnector)

Example 40 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project camel by apache.

the class HttpBasicAuthComponentConfiguredTest method getSecurityHandler.

private SecurityHandler getSecurityHandler() throws IOException {
    Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, "user");
    constraint.setAuthenticate(true);
    ConstraintMapping cm = new ConstraintMapping();
    cm.setPathSpec("/*");
    cm.setConstraint(constraint);
    ConstraintSecurityHandler sh = new ConstraintSecurityHandler();
    sh.setAuthenticator(new BasicAuthenticator());
    sh.setConstraintMappings(Arrays.asList(new ConstraintMapping[] { cm }));
    HashLoginService loginService = new HashLoginService("MyRealm", "src/test/resources/myRealm.properties");
    sh.setLoginService(loginService);
    sh.setConstraintMappings(Arrays.asList(new ConstraintMapping[] { cm }));
    return sh;
}
Also used : ConstraintMapping(org.eclipse.jetty.security.ConstraintMapping) HashLoginService(org.eclipse.jetty.security.HashLoginService) BasicAuthenticator(org.eclipse.jetty.security.authentication.BasicAuthenticator) Constraint(org.eclipse.jetty.util.security.Constraint) ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler)

Aggregations

ConstraintMapping (org.eclipse.jetty.security.ConstraintMapping)50 Constraint (org.eclipse.jetty.util.security.Constraint)47 ConstraintSecurityHandler (org.eclipse.jetty.security.ConstraintSecurityHandler)35 HashLoginService (org.eclipse.jetty.security.HashLoginService)20 BasicAuthenticator (org.eclipse.jetty.security.authentication.BasicAuthenticator)17 Server (org.eclipse.jetty.server.Server)12 WebAppContext (org.eclipse.jetty.webapp.WebAppContext)9 ArrayList (java.util.ArrayList)6 Password (org.eclipse.jetty.util.security.Password)6 Test (org.junit.Test)6 File (java.io.File)5 HttpConstraint (javax.servlet.annotation.HttpConstraint)5 HttpMethodConstraint (javax.servlet.annotation.HttpMethodConstraint)5 IOException (java.io.IOException)4 LoginService (org.eclipse.jetty.security.LoginService)4 ServerConnector (org.eclipse.jetty.server.ServerConnector)4 ResourceHandler (org.eclipse.jetty.server.handler.ResourceHandler)4 ServletHolder (org.eclipse.jetty.servlet.ServletHolder)4 HashSet (java.util.HashSet)3 ConstraintAware (org.eclipse.jetty.security.ConstraintAware)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial