Example 16 with Constraint
use of org.eclipse.jetty.util.security.Constraint in project jetty.project by eclipse.
the class DigestPostTest method setUpServer.
@BeforeClass
public static void setUpServer() {
try {
_server = new Server();
_server.setConnectors(new Connector[] { new ServerConnector(_server) });
ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SECURITY);
context.setContextPath("/test");
context.addServlet(PostServlet.class, "/");
TestLoginService realm = new TestLoginService("test");
realm.putUser("testuser", new Password("password"), new String[] { "test" });
_server.addBean(realm);
ConstraintSecurityHandler security = (ConstraintSecurityHandler) context.getSecurityHandler();
security.setAuthenticator(new DigestAuthenticator());
security.setLoginService(realm);
Constraint constraint = new Constraint("SecureTest", "test");
constraint.setAuthenticate(true);
ConstraintMapping mapping = new ConstraintMapping();
mapping.setConstraint(constraint);
mapping.setPathSpec("/*");
security.setConstraintMappings(Collections.singletonList(mapping));
HandlerCollection handlers = new HandlerCollection();
handlers.setHandlers(new Handler[] { context, new DefaultHandler() });
_server.setHandler(handlers);
_server.start();
} catch (final Exception e) {
e.printStackTrace();
}
}
Also used :
ServerConnector(org.eclipse.jetty.server.ServerConnector)
ConstraintMapping(org.eclipse.jetty.security.ConstraintMapping)
Server(org.eclipse.jetty.server.Server)
DigestAuthenticator(org.eclipse.jetty.security.authentication.DigestAuthenticator)
Constraint(org.eclipse.jetty.util.security.Constraint)
ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler)
HandlerCollection(org.eclipse.jetty.server.handler.HandlerCollection)
ServletContextHandler(org.eclipse.jetty.servlet.ServletContextHandler)
IOException(java.io.IOException)
Password(org.eclipse.jetty.util.security.Password)
DefaultHandler(org.eclipse.jetty.server.handler.DefaultHandler)
BeforeClass(org.junit.BeforeClass)
Example 17 with Constraint
use of org.eclipse.jetty.util.security.Constraint in project jena by apache.
the class SPARQLServer method buildServer.
// Later : private and in constructor.
private ServletContextHandler buildServer(String jettyConfig, boolean enableCompression) {
if (jettyConfig != null) {
// --jetty-config=jetty-fuseki.xml
// for detailed configuration of the server using Jetty features.
server = configServer(jettyConfig);
} else
server = defaultServerConfig(serverConfig.port, serverConfig.loopback);
// Keep the server to a maximum number of threads.
// server.setThreadPool(new QueuedThreadPool(ThreadPoolSize)) ;
ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
context.setErrorHandler(new FusekiErrorHandler());
context.addEventListener(new FusekiServletContextListener(this));
// Increase form size.
context.getServletContext().getContextHandler().setMaxFormContentSize(10 * 1000 * 1000);
// Wire up authentication if appropriate
if (jettyConfig == null && serverConfig.authConfigFile != null) {
Constraint constraint = new Constraint();
constraint.setName(Constraint.__BASIC_AUTH);
constraint.setRoles(new String[] { "fuseki" });
constraint.setAuthenticate(true);
ConstraintMapping mapping = new ConstraintMapping();
mapping.setConstraint(constraint);
mapping.setPathSpec("/*");
IdentityService identService = new DefaultIdentityService();
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
securityHandler.addConstraintMapping(mapping);
securityHandler.setIdentityService(identService);
HashLoginService loginService = new HashLoginService("Fuseki Authentication", serverConfig.authConfigFile);
loginService.setIdentityService(identService);
securityHandler.setLoginService(loginService);
securityHandler.setAuthenticator(new BasicAuthenticator());
context.setSecurityHandler(securityHandler);
serverLog.debug("Basic Auth Configuration = " + serverConfig.authConfigFile);
}
// Wire up context handler to server
server.setHandler(context);
// Constants. Add RDF types.
MimeTypes mt = new MimeTypes();
mt.addMimeMapping("rdf", WebContent.contentTypeRDFXML + ";charset=utf-8");
mt.addMimeMapping("ttl", WebContent.contentTypeTurtle + ";charset=utf-8");
mt.addMimeMapping("nt", WebContent.contentTypeNTriples + ";charset=ascii");
mt.addMimeMapping("nq", WebContent.contentTypeNQuads + ";charset=ascii");
mt.addMimeMapping("trig", WebContent.contentTypeTriG + ";charset=utf-8");
// mt.addMimeMapping("tpl", "text/html;charset=utf-8") ;
context.setMimeTypes(mt);
server.setHandler(context);
serverLog.debug("Pages = " + serverConfig.pages);
boolean installManager = true;
boolean installServices = true;
String validationRoot = "/validate";
if (installManager || installServices) {
// TODO Respect port.
if (serverConfig.pagesPort != serverConfig.port)
serverLog.warn("Not supported yet - pages on a different port to services");
if (serverConfig.pages != null) {
if (!FileOps.exists(serverConfig.pages))
serverLog.warn("No pages directory - " + serverConfig.pages);
String base = serverConfig.pages;
Map<String, Object> data = new HashMap<>();
data.put("mgt", new MgtFunctions());
SimpleVelocityServlet templateEngine = new SimpleVelocityServlet(base, data);
addServlet(context, templateEngine, "*.tpl", false);
}
}
if (installManager) {
// Action when control panel selects a dataset.
HttpServlet datasetChooser = new ActionDataset();
addServlet(context, datasetChooser, PageNames.actionDatasetNames, false);
}
if (installServices) {
// Validators
HttpServlet validateQuery = new QueryValidator();
HttpServlet validateUpdate = new UpdateValidator();
HttpServlet validateData = new DataValidator();
HttpServlet validateIRI = new IRIValidator();
HttpServlet dumpService = new DumpServlet();
HttpServlet generalQueryService = new SPARQL_QueryGeneral();
addServlet(context, validateQuery, validationRoot + "/query", false);
addServlet(context, validateUpdate, validationRoot + "/update", false);
addServlet(context, validateData, validationRoot + "/data", false);
addServlet(context, validateIRI, validationRoot + "/iri", false);
// general query processor.
addServlet(context, generalQueryService, HttpNames.ServiceGeneralQuery, enableCompression);
}
if (installManager || installServices) {
String[] files = { "fuseki.html", "index.html" };
context.setWelcomeFiles(files);
addContent(context, "/", serverConfig.pages);
}
return context;
}
Also used :
Constraint(org.eclipse.jetty.util.security.Constraint)
MgtFunctions(org.apache.jena.fuseki.mgt.MgtFunctions)
BasicAuthenticator(org.eclipse.jetty.security.authentication.BasicAuthenticator)
IRIValidator(org.apache.jena.fuseki.validation.IRIValidator)
ActionDataset(org.apache.jena.fuseki.mgt.ActionDataset)
HttpServlet(javax.servlet.http.HttpServlet)
MimeTypes(org.eclipse.jetty.http.MimeTypes)
UpdateValidator(org.apache.jena.fuseki.validation.UpdateValidator)
QueryValidator(org.apache.jena.fuseki.validation.QueryValidator)
DataValidator(org.apache.jena.fuseki.validation.DataValidator)
ServletContextHandler(org.eclipse.jetty.servlet.ServletContextHandler)
Example 18 with Constraint
use of org.eclipse.jetty.util.security.Constraint in project jena by apache.
the class JettyFuseki method security.
// This is now provided by Shiro.
private static void security(ServletContextHandler context, String authfile) {
Constraint constraint = new Constraint();
constraint.setName(Constraint.__BASIC_AUTH);
constraint.setRoles(new String[] { "fuseki" });
constraint.setAuthenticate(true);
ConstraintMapping mapping = new ConstraintMapping();
mapping.setConstraint(constraint);
mapping.setPathSpec("/*");
IdentityService identService = new DefaultIdentityService();
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
securityHandler.addConstraintMapping(mapping);
securityHandler.setIdentityService(identService);
HashLoginService loginService = new HashLoginService("Fuseki Authentication", authfile);
loginService.setIdentityService(identService);
securityHandler.setLoginService(loginService);
securityHandler.setAuthenticator(new BasicAuthenticator());
context.setSecurityHandler(securityHandler);
serverLog.debug("Basic Auth Configuration = " + authfile);
}
Also used :
BasicAuthenticator(org.eclipse.jetty.security.authentication.BasicAuthenticator)
Constraint(org.eclipse.jetty.util.security.Constraint)
Example 19 with Constraint
use of org.eclipse.jetty.util.security.Constraint in project blade by biezhi.
the class ConstraintSecurityHandler method createConstraintsWithMappingsForPath.
/* ------------------------------------------------------------ */
/**
* Generate Constraints and ContraintMappings for the given url pattern and ServletSecurityElement
*
* @param name the name
* @param pathSpec the path spec
* @param securityElement the servlet security element
* @return the list of constraint mappings
*/
public static List<ConstraintMapping> createConstraintsWithMappingsForPath(String name, String pathSpec, ServletSecurityElement securityElement) {
List<ConstraintMapping> mappings = new ArrayList<ConstraintMapping>();
//Create a constraint that will describe the default case (ie if not overridden by specific HttpMethodConstraints)
Constraint httpConstraint = null;
ConstraintMapping httpConstraintMapping = null;
if (securityElement.getEmptyRoleSemantic() != EmptyRoleSemantic.PERMIT || securityElement.getRolesAllowed().length != 0 || securityElement.getTransportGuarantee() != TransportGuarantee.NONE) {
httpConstraint = ConstraintSecurityHandler.createConstraint(name, securityElement);
//Create a mapping for the pathSpec for the default case
httpConstraintMapping = new ConstraintMapping();
httpConstraintMapping.setPathSpec(pathSpec);
httpConstraintMapping.setConstraint(httpConstraint);
mappings.add(httpConstraintMapping);
}
//See Spec 13.4.1.2 p127
List<String> methodOmissions = new ArrayList<String>();
//make constraint mappings for this url for each of the HttpMethodConstraintElements
Collection<HttpMethodConstraintElement> methodConstraintElements = securityElement.getHttpMethodConstraints();
if (methodConstraintElements != null) {
for (HttpMethodConstraintElement methodConstraintElement : methodConstraintElements) {
//Make a Constraint that captures the <auth-constraint> and <user-data-constraint> elements supplied for the HttpMethodConstraintElement
Constraint methodConstraint = ConstraintSecurityHandler.createConstraint(name, methodConstraintElement);
ConstraintMapping mapping = new ConstraintMapping();
mapping.setConstraint(methodConstraint);
mapping.setPathSpec(pathSpec);
if (methodConstraintElement.getMethodName() != null) {
mapping.setMethod(methodConstraintElement.getMethodName());
//See spec 13.4.1.2 p127 - add an omission for every method name to the default constraint
methodOmissions.add(methodConstraintElement.getMethodName());
}
mappings.add(mapping);
}
}
//UNLESS the default constraint contains all default values. In that case, we won't add it. See Servlet Spec 3.1 pg 129
if (methodOmissions.size() > 0 && httpConstraintMapping != null)
httpConstraintMapping.setMethodOmissions(methodOmissions.toArray(new String[methodOmissions.size()]));
return mappings;
}
Also used :
Constraint(org.eclipse.jetty.util.security.Constraint)
ArrayList(java.util.ArrayList)
CopyOnWriteArrayList(java.util.concurrent.CopyOnWriteArrayList)
HttpMethodConstraintElement(javax.servlet.HttpMethodConstraintElement)
Example 20 with Constraint
use of org.eclipse.jetty.util.security.Constraint in project blade by biezhi.
the class ConstraintSecurityHandler method createConstraint.
/* ------------------------------------------------------------ */
/**
* Create a security constraint
*
* @param name the name of the constraint
* @param authenticate true to authenticate
* @param roles list of roles
* @param dataConstraint the data constraint
* @return the constraint
*/
public static Constraint createConstraint(String name, boolean authenticate, String[] roles, int dataConstraint) {
Constraint constraint = createConstraint();
if (name != null)
constraint.setName(name);
constraint.setAuthenticate(authenticate);
constraint.setRoles(roles);
constraint.setDataConstraint(dataConstraint);
return constraint;
}
Also used :
Constraint(org.eclipse.jetty.util.security.Constraint)
Aggregations
Constraint (org.eclipse.jetty.util.security.Constraint)78
ConstraintMapping (org.eclipse.jetty.security.ConstraintMapping)46
ConstraintSecurityHandler (org.eclipse.jetty.security.ConstraintSecurityHandler)34
BasicAuthenticator (org.eclipse.jetty.security.authentication.BasicAuthenticator)27
HashLoginService (org.eclipse.jetty.security.HashLoginService)20
Test (org.junit.Test)15
Server (org.eclipse.jetty.server.Server)13
ArrayList (java.util.ArrayList)9
WebAppContext (org.eclipse.jetty.webapp.WebAppContext)8
Password (org.eclipse.jetty.util.security.Password)7
HashSet (java.util.HashSet)6
File (java.io.File)5
IOException (java.io.IOException)5
ResourceHandler (org.eclipse.jetty.server.handler.ResourceHandler)5
LoginService (org.eclipse.jetty.security.LoginService)4
ServerConnector (org.eclipse.jetty.server.ServerConnector)4
ContextHandler (org.eclipse.jetty.server.handler.ContextHandler)4
HandlerList (org.eclipse.jetty.server.handler.HandlerList)4
ServletContextHandler (org.eclipse.jetty.servlet.ServletContextHandler)4
ServletHolder (org.eclipse.jetty.servlet.ServletHolder)4
