use of org.eclipse.jetty.security.authentication.BasicAuthenticator in project jetty.project by eclipse.
the class ConstraintTest method testDeferredBasic.
/**
 * Exercises BASIC authentication on {@code /ctx/noauth/info}, a path this test expects to be
 * served without a login (the "deferred" case named by the test).
 *
 * <p>Three requests are sent and every one must come back as {@code 200 OK}:
 * <ul>
 *   <li>no {@code Authorization} header: the body reports {@code user=null};</li>
 *   <li>credentials {@code admin:wrong}: still 200 with {@code user=null}, so a failed login on
 *       this path is served as an anonymous request instead of being challenged;</li>
 *   <li>credentials {@code admin:password}: the body reports {@code user=admin}.</li>
 * </ul>
 *
 * <p>NOTE(review): the constraint mappings, the user store and the handler that prints
 * {@code user=} are configured outside this method. Because the wrong-password case returns 200,
 * monitoring that counts only 401 responses would not register that attempt; confirm whether
 * failed deferred logins are logged elsewhere.
 */
@Test
public void testDeferredBasic() throws Exception {
    _security.setAuthenticator(new BasicAuthenticator());
    _server.start();

    final String requestLine = "GET /ctx/noauth/info HTTP/1.0\r\n";
    final String endOfHeaders = "\r\n";

    // 1. Anonymous request: allowed, no user attached.
    String anonymous = _connector.getResponse(requestLine + endOfHeaders);
    Assert.assertThat(anonymous, Matchers.startsWith("HTTP/1.1 200 OK"));
    Assert.assertThat(anonymous, Matchers.containsString("user=null"));

    // 2. Wrong password: the request is not rejected, it is simply left unauthenticated.
    String badPassword = _connector.getResponse(requestLine + "Authorization: Basic " + B64Code.encode("admin:wrong") + "\r\n" + endOfHeaders);
    Assert.assertThat(badPassword, Matchers.startsWith("HTTP/1.1 200 OK"));
    Assert.assertThat(badPassword, Matchers.containsString("user=null"));

    // 3. Correct password: same status, but the identity is now visible to the application.
    String goodPassword = _connector.getResponse(requestLine + "Authorization: Basic " + B64Code.encode("admin:password") + "\r\n" + endOfHeaders);
    Assert.assertThat(goodPassword, Matchers.startsWith("HTTP/1.1 200 OK"));
    Assert.assertThat(goodPassword, Matchers.containsString("user=admin"));
}
use of org.eclipse.jetty.security.authentication.BasicAuthenticator in project jetty.project by eclipse.
the class ConstraintTest method testRelaxedMethod.
/**
 * Checks how per-method constraints under {@code /ctx/forbid/} are applied with BASIC
 * authentication installed. No request carries credentials.
 *
 * <p>Expected outcomes: {@code GET /ctx/forbid/somethig} is refused with 403, while both
 * {@code POST} and {@code GET} on {@code /ctx/forbid/post} return 200.
 *
 * <p>NOTE(review): the mappings themselves are defined outside this method. Presumably
 * {@code /forbid/post} has its own mapping that names only POST, which under the servlet spec
 * leaves every other method on that exact path unconstrained even though the surrounding prefix
 * is forbidden; confirm against the test setup. Deployments that do not want this should
 * constrain or deny the methods a mapping does not list.
 */
@Test
public void testRelaxedMethod() throws Exception {
    _security.setAuthenticator(new BasicAuthenticator());
    _server.start();

    // A path that only matches the general "forbid" rule is rejected outright.
    String forbiddenGet = _connector.getResponse("GET /ctx/forbid/somethig HTTP/1.0\r\n\r\n");
    Assert.assertThat(forbiddenGet, Matchers.startsWith("HTTP/1.1 403 "));

    // The more specific path accepts POST.
    String relaxedPost = _connector.getResponse("POST /ctx/forbid/post HTTP/1.0\r\n\r\n");
    Assert.assertThat(relaxedPost, Matchers.startsWith("HTTP/1.1 200 "));

    // ...and GET on that same path is let through as well.
    String relaxedGet = _connector.getResponse("GET /ctx/forbid/post HTTP/1.0\r\n\r\n");
    // This is so stupid, but it is the S P E C
    Assert.assertThat(relaxedGet, Matchers.startsWith("HTTP/1.1 200 "));
}
use of org.eclipse.jetty.security.authentication.BasicAuthenticator in project jetty.project by eclipse.
the class DefaultAuthenticatorFactory method getAuthenticator.
/**
 * Picks an {@link Authenticator} implementation from the authentication method named in the
 * configuration. Method names are compared case-insensitively.
 *
 * <p>Only {@code configuration} is read here; {@code server}, {@code context},
 * {@code identityService} and {@code loginService} are not used by this method.
 *
 * @param configuration source of the authentication method name
 * @return the matching authenticator, or {@code null} when the method name is set but matches
 *     none of the names checked below, so callers have to handle a {@code null} result
 */
public Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService) {
    final String method = configuration.getAuthMethod();

    Authenticator chosen = null;
    if (method == null || Constraint.__BASIC_AUTH.equalsIgnoreCase(method)) {
        // An unset method falls back to BASIC. BASIC sends the password merely Base64-encoded on
        // each request, so a deployment relying on this default needs an encrypted transport.
        chosen = new BasicAuthenticator();
    } else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(method)) {
        chosen = new DigestAuthenticator();
    } else if (Constraint.__FORM_AUTH.equalsIgnoreCase(method)) {
        chosen = new FormAuthenticator();
    } else if (Constraint.__SPNEGO_AUTH.equalsIgnoreCase(method)) {
        chosen = new SpnegoAuthenticator();
    } else if (Constraint.__NEGOTIATE_AUTH.equalsIgnoreCase(method)) {
        // see Bug #377076
        chosen = new SpnegoAuthenticator(Constraint.__NEGOTIATE_AUTH);
    }

    // Tested independently of the chain above: a client-certificate method name replaces
    // whatever was selected so far.
    final boolean clientCert = Constraint.__CERT_AUTH.equalsIgnoreCase(method)
            || Constraint.__CERT_AUTH2.equalsIgnoreCase(method);
    if (clientCert) {
        chosen = new ClientCertAuthenticator();
    }

    return chosen;
}
use of org.eclipse.jetty.security.authentication.BasicAuthenticator in project h2o-3 by h2oai.
the class JettyHTTPD method createServer.
/**
 * Attaches the given connector to the embedded Jetty server, optionally places HTTP BASIC
 * authentication in front of every handler, and starts the server.
 *
 * <p>Authentication is enabled when any of {@code hash_login}, {@code ldap_login} or
 * {@code kerberos_login} is set in {@code H2O.ARGS}; otherwise the handlers are registered
 * directly on the server with no security handler.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>BASIC sends the user name and password Base64-encoded (not encrypted) with each request.
 *       Whether the transport is TLS depends on the {@code connector} supplied by the caller,
 *       which this method does not check.</li>
 *   <li>Roles are deliberately ignored: any user the login service accepts may call any path.</li>
 *   <li>The LDAP and Kerberos branches set the JVM-wide system property
 *       {@code java.security.auth.login.config}.</li>
 * </ul>
 *
 * @param connector the connector the server will listen on
 * @throws Exception propagated from the Jetty calls made here, including {@code _server.start()}
 */
protected void createServer(Connector connector) throws Exception {
    _server.setConnectors(new Connector[] { connector });

    final boolean loginRequired = H2O.ARGS.hash_login || H2O.ARGS.ldap_login || H2O.ARGS.kerberos_login;
    if (!loginRequired) {
        // No login mode selected: requests reach the handlers without any authentication step.
        registerHandlers(_server);
        _server.start();
        return;
    }

    // REFER TO http://www.eclipse.org/jetty/documentation/9.1.4.v20140401/embedded-examples.html#embedded-secured-hello-handler
    if (H2O.ARGS.login_conf == null) {
        Log.err("Must specify -login_conf argument");
        // NOTE(review): presumably H2O.exit does not return; if it did, setup would carry on
        // below with a null login_conf.
        H2O.exit(1);
    }

    // Choose the credential backend. The flags are tested in a fixed order, so hash login wins
    // when more than one flag is set.
    final String jaasConfigKey = "java.security.auth.login.config";
    LoginService logins;
    if (H2O.ARGS.hash_login) {
        Log.info("Configuring HashLoginService");
        logins = new HashLoginService("H2O", H2O.ARGS.login_conf);
    } else if (H2O.ARGS.ldap_login) {
        Log.info("Configuring JAASLoginService (with LDAP)");
        System.setProperty(jaasConfigKey, H2O.ARGS.login_conf);
        logins = new JAASLoginService("ldaploginmodule");
    } else if (H2O.ARGS.kerberos_login) {
        Log.info("Configuring JAASLoginService (with Kerberos)");
        System.setProperty(jaasConfigKey, H2O.ARGS.login_conf);
        logins = new JAASLoginService("krb5loginmodule");
    } else {
        // Cannot happen given the loginRequired test above.
        throw H2O.fail();
    }

    IdentityService identities = new DefaultIdentityService();
    logins.setIdentityService(identities);
    _server.addBean(logins);

    // The security handler becomes the first handler in the chain.
    ConstraintSecurityHandler guard = new ConstraintSecurityHandler();

    // One constraint that demands authentication for every call.
    Constraint requireLogin = new Constraint();
    requireLogin.setName("auth");
    requireLogin.setAuthenticate(true);

    // Roles are not used for authorization; only the fact that a user authenticated matters.
    //
    // Jetty 8 and prior need both security.setStrict(false) and ANY_ROLE for that.
    guard.setStrict(false);
    requireLogin.setRoles(new String[] { Constraint.ANY_ROLE });
    // Jetty 9 and later implement a newer servlet spec, where ANY_AUTH gives the behaviour that
    // ANY_ROLE gave before and setStrict(false) is not required. The original author found this
    // through low-level debugging and recorded the Jetty 9 form for reference:
    //
    // constraint.setRoles(new String[]{Constraint.ANY_AUTH});

    // Lock down all API calls by applying the constraint to every path.
    ConstraintMapping everyPath = new ConstraintMapping();
    everyPath.setPathSpec("/*");
    everyPath.setConstraint(requireLogin);
    guard.setConstraintMappings(Collections.singletonList(everyPath));

    // Authentication / Authorization
    guard.setAuthenticator(new BasicAuthenticator());
    guard.setLoginService(logins);

    // Pass-through to H2O if authenticated: the real handlers hang off the security handler,
    // which is then installed as the server's handler.
    registerHandlers(guard);
    _server.setHandler(guard);

    _server.start();
}
use of org.eclipse.jetty.security.authentication.BasicAuthenticator in project camel by apache.
the class JettyTestServer method basicAuth.
/**
 * Builds a security handler that demands HTTP BASIC authentication on every path and admits a
 * single in-memory user holding the role {@code "user"}.
 *
 * <p>NOTE(review): {@code realm} is applied to the login service's name only; the handler's
 * realm name is the fixed string {@code "myrealm"}, so the two differ whenever a caller passes
 * another value. Confirm whether that is intended.
 *
 * @param username login name of the only account
 * @param password that account's password, handed to {@code Credential.getCredential}
 * @param realm    name given to the login service
 * @return the configured handler; handlers to be protected still have to be placed behind it
 */
private SecurityHandler basicAuth(String username, String password, String realm) {
    final String role = "user";

    // In-memory user store holding exactly one account.
    HashLoginService users = new HashLoginService();
    users.putUser(username, Credential.getCredential(password), new String[] { role });
    users.setName(realm);

    // Authentication is mandatory and the caller must hold the role.
    Constraint mustBeUser = new Constraint();
    mustBeUser.setName(Constraint.__BASIC_AUTH);
    mustBeUser.setRoles(new String[] { role });
    mustBeUser.setAuthenticate(true);

    // Apply the constraint to every path.
    ConstraintMapping everyPath = new ConstraintMapping();
    everyPath.setConstraint(mustBeUser);
    everyPath.setPathSpec("/*");

    ConstraintSecurityHandler handler = new ConstraintSecurityHandler();
    handler.setAuthenticator(new BasicAuthenticator());
    handler.setRealmName("myrealm");
    handler.addConstraintMapping(everyPath);
    handler.setLoginService(users);
    return handler;
}