use of org.mortbay.jetty.security.SecurityHandler in project maven-plugins by apache.
the class ProjectInfoReportUtilsTest method startJetty.
private void startJetty(boolean isSSL, boolean withAuth) throws Exception {
jettyServer = new Server();
jettyServer.setStopAtShutdown(true);
Connector connector = (isSSL ? getSSLConnector() : getDefaultConnector());
jettyServer.setConnectors(new Connector[] { connector });
WebAppContext webapp = new WebAppContext();
webapp.setContextPath("/");
webapp.setResourceBase(getBasedir() + "/target/classes/");
webapp.setServer(jettyServer);
if (withAuth) {
Constraint constraint = new Constraint();
constraint.setName(Constraint.__BASIC_AUTH);
constraint.setRoles(new String[] { "user", "admin" });
constraint.setAuthenticate(true);
ConstraintMapping cm = new ConstraintMapping();
cm.setConstraint(constraint);
cm.setPathSpec("/*");
SecurityHandler sh = new SecurityHandler();
sh.setUserRealm(new HashUserRealm("MyRealm", getBasedir() + "/src/test/resources/realm.properties"));
sh.setConstraintMappings(new ConstraintMapping[] { cm });
webapp.addHandler(sh);
}
DefaultHandler defaultHandler = new DefaultHandler();
defaultHandler.setServer(jettyServer);
Handler[] handlers = new Handler[2];
handlers[0] = webapp;
handlers[1] = defaultHandler;
jettyServer.setHandlers(handlers);
jettyServer.start();
port = connector.getLocalPort();
}
use of org.mortbay.jetty.security.SecurityHandler in project exhibitor by soabase.
the class ExhibitorMain method addSecurityFile.
private void addSecurityFile(HashUserRealm realm, String securityFile, Context root) throws Exception {
// create a temp Jetty context to parse the security portion of the web.xml file
/*
TODO
This code assumes far too much internal knowledge of Jetty. I don't know
of simple way to parse the web.xml though and don't want to write it myself.
*/
final URL url = new URL("file", null, securityFile);
final WebXmlConfiguration webXmlConfiguration = new WebXmlConfiguration();
WebAppContext context = new WebAppContext();
context.setServer(server);
webXmlConfiguration.setWebAppContext(context);
ContextHandler contextHandler = new ContextHandler("/") {
@Override
protected void startContext() throws Exception {
super.startContext();
setServer(server);
webXmlConfiguration.configure(url.toString());
}
};
try {
SecurityHandler securityHandler = webXmlConfiguration.getWebAppContext().getSecurityHandler();
if (realm != null) {
securityHandler.setUserRealm(realm);
}
root.setSecurityHandler(securityHandler);
contextHandler.start();
} finally {
contextHandler.stop();
}
}
use of org.mortbay.jetty.security.SecurityHandler in project exhibitor by soabase.
the class ExhibitorCreator method makeSecurityHandler.
private SecurityHandler makeSecurityHandler(String realm, String consoleUser, String consolePassword, String curatorUser, String curatorPassword) {
HashUserRealm userRealm = new HashUserRealm(realm);
userRealm.put(consoleUser, Credential.getCredential(consolePassword));
userRealm.addUserToRole(consoleUser, "console");
userRealm.put(curatorUser, Credential.getCredential(curatorPassword));
userRealm.addUserToRole(curatorUser, "curator");
Constraint console = new Constraint();
console.setName("consoleauth");
console.setRoles(new String[] { "console" });
console.setAuthenticate(true);
Constraint curator = new Constraint();
curator.setName("curatorauth");
curator.setRoles(new String[] { "curator", "console" });
curator.setAuthenticate(true);
ConstraintMapping consoleMapping = new ConstraintMapping();
consoleMapping.setConstraint(console);
consoleMapping.setPathSpec("/*");
ConstraintMapping curatorMapping = new ConstraintMapping();
curatorMapping.setConstraint(curator);
curatorMapping.setPathSpec("/exhibitor/v1/cluster/list");
SecurityHandler handler = new SecurityHandler();
handler.setUserRealm(userRealm);
handler.setConstraintMappings(new ConstraintMapping[] { consoleMapping, curatorMapping });
handler.setAuthenticator(new BasicAuthenticator());
return handler;
}
use of org.mortbay.jetty.security.SecurityHandler in project sonatype-aether by sonatype.
the class HttpServer method newSecurityHandler.
protected Handler newSecurityHandler() {
List<ConstraintMapping> mappings = new ArrayList<ConstraintMapping>();
for (String pathSpec : securedRealms.keySet()) {
String[] roles = securedRealms.get(pathSpec);
Constraint constraint = new Constraint();
constraint.setName(Constraint.__BASIC_AUTH);
constraint.setRoles(roles);
constraint.setAuthenticate(true);
ConstraintMapping constraintMapping = new ConstraintMapping();
constraintMapping.setConstraint(constraint);
constraintMapping.setPathSpec(pathSpec);
mappings.add(constraintMapping);
}
HashUserRealm userRealm = new HashUserRealm("TestRealm");
for (String username : userPasswords.keySet()) {
String password = userPasswords.get(username);
String[] roles = userRoles.get(username);
userRealm.put(username, password);
if (roles != null) {
for (String role : roles) {
userRealm.addUserToRole(username, role);
}
}
}
SecurityHandler securityHandler = new SecurityHandler();
securityHandler.setUserRealm(userRealm);
securityHandler.setConstraintMappings(mappings.toArray(new ConstraintMapping[mappings.size()]));
return securityHandler;
}
Aggregations