
Example 6 with FormAuthenticator

use of org.eclipse.jetty.security.authentication.FormAuthenticator in project drill by apache.

the class WebServer method createSecurityHandler.

/**
 * Builds the {@link ConstraintSecurityHandler} used for form-based login.
 *
 * <p>The handler receives an empty list of constraint mappings together with the two declared
 * roles, so nothing in this method places a URL under a security constraint.
 * NOTE(review): access control is presumably enforced somewhere else (for example on the
 * individual REST resources) - confirm, because an endpoint without such a check would be
 * reachable without logging in.
 *
 * <p>{@code /login} is passed to {@link FormAuthenticator} as both the login page and the error
 * page, and the third constructor argument (the dispatch flag) is {@code true}.
 *
 * @return the handler with its roles, {@link Authenticator} and {@link LoginService} set
 */
private ConstraintSecurityHandler createSecurityHandler() {
    final ConstraintSecurityHandler handler = new ConstraintSecurityHandler();

    // Only the role names are registered; the mapping list itself is left empty.
    final Set<String> declaredRoles = ImmutableSet.of(AUTHENTICATED_ROLE, ADMIN_ROLE);
    handler.setConstraintMappings(Collections.<ConstraintMapping>emptyList(), declaredRoles);

    // Same path for the login form and for the failed-login page.
    final FormAuthenticator formAuthenticator = new FormAuthenticator("/login", "/login", true);
    handler.setAuthenticator(formAuthenticator);

    // Credentials submitted through the form are checked by this login service.
    final DrillRestLoginService loginService = new DrillRestLoginService(workManager.getContext());
    handler.setLoginService(loginService);

    return handler;
}
Also used : ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler) FormAuthenticator(org.eclipse.jetty.security.authentication.FormAuthenticator) DrillRestLoginService(org.apache.drill.exec.server.rest.auth.DrillRestLoginService)

Example 7 with FormAuthenticator

use of org.eclipse.jetty.security.authentication.FormAuthenticator in project jetty.project by eclipse.

the class ConstraintTest method testFormDispatch.

/**
 * Walks one complete form-login exchange and checks the status of each step.
 *
 * <p>The authenticator is built with login page {@code /testLoginPage}, error page
 * {@code /testErrorPage} and a third constructor argument of {@code true} (the dispatch flag).
 * The steps are: an unconstrained path answers 200, a forbidden path answers 403, a protected
 * path without a session shows the login page, a wrong password shows the error page, a correct
 * password answers 302 back to the protected path, and the logged-in session then gets 200 on
 * {@code /ctx/auth/info} but 403 on {@code /ctx/admin/info}.
 *
 * <p>The requests share one session cookie and must run in this order.
 */
@Test
public void testFormDispatch() throws Exception {
    _security.setAuthenticator(new FormAuthenticator("/testLoginPage", "/testErrorPage", true));
    _server.start();
    String response;
    // Path expected to be reachable without authentication.
    response = _connector.getResponse("GET /ctx/noauth/info HTTP/1.0\r\n\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // Path expected to be refused for everyone, logged in or not.
    response = _connector.getResponse("GET /ctx/forbid/info HTTP/1.0\r\n\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 403 Forbidden"));
    // Protected path without a session: the login page content comes back, and the response
    // must carry Cache-Control: no-cache and an Expires header so the login page is not cached.
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n\r\n");
    Assert.assertThat(response, Matchers.containsString("Cache-Control: no-cache"));
    Assert.assertThat(response, Matchers.containsString("Expires"));
    Assert.assertThat(response, Matchers.containsString("URI=/ctx/testLoginPage"));
    // Cut the session id out of the response: 11 is the length of "JSESSIONID=".
    // A response without the cookie would most likely surface as a substring index error
    // rather than as an assertion failure.
    String session = response.substring(response.indexOf("JSESSIONID=") + 11, response.indexOf(";Path=/ctx"));
    // Wrong password: the error page must be shown.
    // NOTE(review): the form body "j_username=user&j_password=wrong" is 32 bytes but the header
    // declares Content-Length: 31, so the server presumably reads the password as "wron".
    // The credential is rejected either way; confirm whether the mismatch is intended.
    response = _connector.getResponse("POST /ctx/j_security_check HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Content-Length: 31\r\n" + "\r\n" + "j_username=user&j_password=wrong\r\n");
    Assert.assertThat(response, Matchers.containsString("testErrorPage"));
    // Correct password: a 302 whose Location points back at the originally requested path.
    response = _connector.getResponse("POST /ctx/j_security_check HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Content-Length: 35\r\n" + "\r\n" + "j_username=user&j_password=password\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 302 "));
    // The "Location" assertion appears twice; the second one checks nothing new.
    Assert.assertThat(response, Matchers.containsString("Location"));
    Assert.assertThat(response, Matchers.containsString("Location"));
    Assert.assertThat(response, Matchers.containsString("/ctx/auth/info"));
    // The session id is read again from the login response and used from here on.
    // NOTE(review): this relies on the login response setting a JSESSIONID cookie, which
    // presumably means the id is renewed on authentication (session-fixation defence) - the
    // test does not assert that the new id differs from the old one.
    session = response.substring(response.indexOf("JSESSIONID=") + 11, response.indexOf(";Path=/ctx"));
    // Authenticated user reaches the protected path.
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // The same user is refused on the admin path; "!role" is expected in the 403 response.
    response = _connector.getResponse("GET /ctx/admin/info HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 403"));
    Assert.assertThat(response, Matchers.containsString("!role"));
}
Also used : FormAuthenticator(org.eclipse.jetty.security.authentication.FormAuthenticator) Test(org.junit.Test)

Example 8 with FormAuthenticator

use of org.eclipse.jetty.security.authentication.FormAuthenticator in project jetty.project by eclipse.

the class ConstraintTest method testStrictFormDispatch.

/**
 * Runs the form-login exchange for three accounts and checks what each may reach afterwards.
 *
 * <p>All three accounts log in successfully (302 to {@code /ctx/auth/info}):
 * {@code user0} is then refused on both {@code /ctx/auth/info} and {@code /ctx/admin/info},
 * {@code user2} reaches {@code /ctx/auth/info} but not {@code /ctx/admin/info}, and
 * {@code admin} reaches both. The test therefore separates "authenticated" from "holds the
 * required role".
 *
 * <p>NOTE(review): the authenticator arguments are ordinary; whatever makes this the "strict"
 * variant (presumably the fixture's role or constraint setup) is not visible in this method.
 *
 * <p>Each account starts from a fresh anonymous request, and the requests must run in this order.
 */
@Test
public void testStrictFormDispatch() throws Exception {
    _security.setAuthenticator(new FormAuthenticator("/testLoginPage", "/testErrorPage", true));
    _server.start();
    String response;
    // Path expected to be reachable without authentication.
    response = _connector.getResponse("GET /ctx/noauth/info HTTP/1.0\r\n\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // Path expected to be refused for everyone.
    response = _connector.getResponse("GET /ctx/forbid/info HTTP/1.0\r\n\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 403 Forbidden"));
    // Protected path without a session: the login page content is expected, not a redirect.
    // The commented-out assertions below are left as found; they describe a 302 to the login page.
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n\r\n");
    // assertThat(response,containsString(" 302 Found"));
    // assertThat(response,containsString("/ctx/testLoginPage"));
    Assert.assertThat(response, Matchers.containsString("Cache-Control: no-cache"));
    Assert.assertThat(response, Matchers.containsString("Expires"));
    Assert.assertThat(response, Matchers.containsString("URI=/ctx/testLoginPage"));
    // Cut the session id out of the response: 11 is the length of "JSESSIONID=".
    String session = response.substring(response.indexOf("JSESSIONID=") + 11, response.indexOf(";Path=/ctx"));
    // Wrong password: the error page must be shown.
    // NOTE(review): the form body "j_username=user&j_password=wrong" is 32 bytes but the header
    // declares Content-Length: 31, so the server presumably reads the password as "wron".
    // The credential is rejected either way; confirm whether the mismatch is intended.
    response = _connector.getResponse("POST /ctx/j_security_check HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Content-Length: 31\r\n" + "\r\n" + "j_username=user&j_password=wrong\r\n");
    // assertThat(response,containsString("Location"));
    Assert.assertThat(response, Matchers.containsString("testErrorPage"));
    // user0 with the correct password: login itself succeeds with a 302 to the requested path.
    response = _connector.getResponse("POST /ctx/j_security_check HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Content-Length: 36\r\n" + "\r\n" + "j_username=user0&j_password=password\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 302 "));
    Assert.assertThat(response, Matchers.containsString("Location"));
    Assert.assertThat(response, Matchers.containsString("/ctx/auth/info"));
    // The session id is read again from the login response and used for the follow-up requests.
    // NOTE(review): presumably the id is renewed on authentication; the test does not compare
    // the old and new values.
    session = response.substring(response.indexOf("JSESSIONID=") + 11, response.indexOf(";Path=/ctx"));
    // user0 is authenticated but refused on the protected path: 403 with "!role".
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 403"));
    Assert.assertThat(response, Matchers.containsString("!role"));
    // user0 is refused on the admin path as well.
    response = _connector.getResponse("GET /ctx/admin/info HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 403"));
    Assert.assertThat(response, Matchers.containsString("!role"));
    // log in again as user2
    // The request carries no cookie, so the session id taken from it belongs to a new,
    // anonymous session rather than to user0.
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n\r\n");
    //        assertThat(response,startsWith("HTTP/1.1 302 "));
    //        assertThat(response,containsString("testLoginPage"));
    session = response.substring(response.indexOf("JSESSIONID=") + 11, response.indexOf(";Path=/ctx"));
    response = _connector.getResponse("POST /ctx/j_security_check HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Content-Length: 36\r\n" + "\r\n" + "j_username=user2&j_password=password\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 302 "));
    Assert.assertThat(response, Matchers.containsString("Location"));
    Assert.assertThat(response, Matchers.containsString("/ctx/auth/info"));
    session = response.substring(response.indexOf("JSESSIONID=") + 11, response.indexOf(";Path=/ctx"));
    // user2 reaches the protected path...
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    // ...but is refused on the admin path.
    response = _connector.getResponse("GET /ctx/admin/info HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 403"));
    Assert.assertThat(response, Matchers.containsString("!role"));
    // log in again as admin
    // Again a cookie-less request, so the login below starts from a new anonymous session.
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n\r\n");
    //        assertThat(response,startsWith("HTTP/1.1 302 "));
    //        assertThat(response,containsString("testLoginPage"));
    session = response.substring(response.indexOf("JSESSIONID=") + 11, response.indexOf(";Path=/ctx"));
    response = _connector.getResponse("POST /ctx/j_security_check HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Content-Length: 36\r\n" + "\r\n" + "j_username=admin&j_password=password\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 302 "));
    Assert.assertThat(response, Matchers.containsString("Location"));
    Assert.assertThat(response, Matchers.containsString("/ctx/auth/info"));
    session = response.substring(response.indexOf("JSESSIONID=") + 11, response.indexOf(";Path=/ctx"));
    // admin reaches both the protected path and the admin path.
    response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
    response = _connector.getResponse("GET /ctx/admin/info HTTP/1.0\r\n" + "Cookie: JSESSIONID=" + session + "\r\n" + "\r\n");
    Assert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
}
Also used : FormAuthenticator(org.eclipse.jetty.security.authentication.FormAuthenticator) Test(org.junit.Test)

Example 9 with FormAuthenticator

use of org.eclipse.jetty.security.authentication.FormAuthenticator in project jetty.project by eclipse.

the class DefaultAuthenticatorFactory method getAuthenticator.

/**
 * Picks the {@link Authenticator} implementation that matches the configured auth method.
 *
 * <p>The method name is compared case-insensitively against the {@code Constraint} constants.
 * A configuration with no auth method at all ({@code null}) is treated like BASIC.
 * Basic credentials travel with every request in an easily reversible encoding, so a
 * deployment that relies on this default should be served over TLS or name its method explicitly.
 *
 * <p>Only {@code configuration} is read here; the other parameters are not used by this body.
 *
 * @param server the server (unused in this method)
 * @param context the servlet context (unused in this method)
 * @param configuration source of the auth method name
 * @param identityService the identity service (unused in this method)
 * @param loginService the login service (unused in this method)
 * @return the matching authenticator, or {@code null} when the method name matches no branch
 */
public Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService) {
    final String method = configuration.getAuthMethod();
    Authenticator selected = null;

    if (method == null || Constraint.__BASIC_AUTH.equalsIgnoreCase(method)) {
        // Missing method name falls back to BASIC.
        selected = new BasicAuthenticator();
    } else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(method)) {
        selected = new DigestAuthenticator();
    } else if (Constraint.__FORM_AUTH.equalsIgnoreCase(method)) {
        selected = new FormAuthenticator();
    } else if (Constraint.__SPNEGO_AUTH.equalsIgnoreCase(method)) {
        selected = new SpnegoAuthenticator();
    } else if (Constraint.__NEGOTIATE_AUTH.equalsIgnoreCase(method)) {
        // see Bug #377076
        selected = new SpnegoAuthenticator(Constraint.__NEGOTIATE_AUTH);
    }

    // Checked on its own, outside the chain above, so a match here replaces any earlier choice.
    final boolean clientCert = Constraint.__CERT_AUTH.equalsIgnoreCase(method)
        || Constraint.__CERT_AUTH2.equalsIgnoreCase(method);
    if (clientCert) {
        selected = new ClientCertAuthenticator();
    }

    return selected;
}
Also used : BasicAuthenticator(org.eclipse.jetty.security.authentication.BasicAuthenticator) ClientCertAuthenticator(org.eclipse.jetty.security.authentication.ClientCertAuthenticator) DigestAuthenticator(org.eclipse.jetty.security.authentication.DigestAuthenticator) FormAuthenticator(org.eclipse.jetty.security.authentication.FormAuthenticator) SpnegoAuthenticator(org.eclipse.jetty.security.authentication.SpnegoAuthenticator) SpnegoAuthenticator(org.eclipse.jetty.security.authentication.SpnegoAuthenticator) ClientCertAuthenticator(org.eclipse.jetty.security.authentication.ClientCertAuthenticator) DigestAuthenticator(org.eclipse.jetty.security.authentication.DigestAuthenticator) FormAuthenticator(org.eclipse.jetty.security.authentication.FormAuthenticator) BasicAuthenticator(org.eclipse.jetty.security.authentication.BasicAuthenticator)
