public static final SecurityHandler basicAuth(AuthConfig config) { ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); securityHandler.setAuthenticator(new BasicAuthenticator()); securityHandler.setRealmName(config.getRealm()); ConstraintMapping constraintMapping = new ConstraintMapping(); Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, USER_ROLE); constraint.setAuthenticate(true); constraintMapping.setConstraint(constraint); constraintMapping.setPathSpec("/*"); securityHandler.addConstraintMapping(constraintMapping); HashLoginService loginService = new HashLoginService(); loginService.putUser( config.getUsername(), Credential.getCredential(config.getPassword()), new String[] {USER_ROLE}); loginService.setName(config.getRealm()); securityHandler.setLoginService(loginService); return securityHandler; }
public static final void main(String args[]) throws Exception { // Create the server Server server = new Server(8080); // Enable parsing of jndi-related parts of web.xml and jetty-env.xml org.eclipse.jetty.webapp.Configuration.ClassList classlist = org.eclipse.jetty.webapp.Configuration.ClassList.setServerDefault(server); classlist.addAfter( "org.eclipse.jetty.webapp.FragmentConfiguration", "org.eclipse.jetty.plus.webapp.EnvConfiguration", "org.eclipse.jetty.plus.webapp.PlusConfiguration"); classlist.addBefore( "org.eclipse.jetty.webapp.JettyWebXmlConfiguration", "org.eclipse.jetty.annotations.AnnotationConfiguration"); // Create a WebApp WebAppContext webapp = new WebAppContext(); webapp.setContextPath("/"); webapp.setWar( "../../tests/test-webapps/test-servlet-spec/test-spec-webapp/target/test-spec-webapp-9.1.0-SNAPSHOT.war"); webapp.setAttribute( "org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern", ".*/javax.servlet-[^/]*\\.jar$|.*/servlet-api-[^/]*\\.jar$"); server.setHandler(webapp); // Register new transaction manager in JNDI // At runtime, the webapp accesses this as java:comp/UserTransaction org.eclipse.jetty.plus.jndi.Transaction transactionMgr = new org.eclipse.jetty.plus.jndi.Transaction(new com.acme.MockUserTransaction()); // Define an env entry with webapp scope. org.eclipse.jetty.plus.jndi.EnvEntry maxAmount = new org.eclipse.jetty.plus.jndi.EnvEntry(webapp, "maxAmount", new Double(100), true); // Register a mock DataSource scoped to the webapp org.eclipse.jetty.plus.jndi.Resource mydatasource = new org.eclipse.jetty.plus.jndi.Resource( webapp, "jdbc/mydatasource", new com.acme.MockDataSource()); // Configure a LoginService HashLoginService loginService = new HashLoginService(); loginService.setName("Test Realm"); loginService.setConfig("src/test/resources/realm.properties"); server.addBean(loginService); server.start(); server.join(); }
/** Creates a basic auth security handler. */ private SecurityHandler createSecurityHandler() { HashLoginService l = new HashLoginService(); for (String[] userInfo : TestUsers.USERS) { String user = userInfo[0]; String pwd = userInfo[1]; String[] roles = new String[] {"apiuser"}; if (user.startsWith("admin")) roles = new String[] {"apiuser", "apiadmin"}; l.putUser(user, Credential.getCredential(pwd), roles); } l.setName("apimanrealm"); ConstraintSecurityHandler csh = new ConstraintSecurityHandler(); csh.setAuthenticator(new BasicAuthenticator()); csh.setRealmName("apimanrealm"); csh.setLoginService(l); return csh; }
public Server getJettyServer(int port, int sslPort, int maxThreads) throws IOException { Server server = new Server(); HandlerCollection handlers = new HandlerCollection(); ContextHandlerCollection contexts = new ContextHandlerCollection(); server.setThreadPool(new QueuedThreadPool(maxThreads)); SslSocketConnector sslSocketConnector = null; if (sslPort > 0) { System.out.println("SSL is Starting on port " + sslPort + "..."); sslSocketConnector = new SslSocketConnector(); sslSocketConnector.setPort(getContainerConfig().getSSLPort()); sslSocketConnector.setKeystore("conf/servertestkeystore"); sslSocketConnector.setPassword(getContainerConfig().getSSLKeyPassword()); sslSocketConnector.setKeyPassword(getContainerConfig().getSSLKeyStorePassword()); sslSocketConnector.setTruststore("conf/servertestkeystore"); sslSocketConnector.setTrustPassword(getContainerConfig().getSSLKeyStorePassword()); } else if (getContainerConfig().isAcEnabled()) logger.error("SSL MUST be configured in the gsn.xml file when Access Control is enabled !"); AbstractConnector connector = new SelectChannelConnector(); // before was connector//new SocketConnector ();//using basic // connector for windows bug; Fast // option=>SelectChannelConnector connector.setPort(port); connector.setMaxIdleTime(30000); connector.setAcceptors(2); connector.setConfidentialPort(sslPort); if (sslSocketConnector == null) server.setConnectors(new Connector[] {connector}); else server.setConnectors(new Connector[] {connector, sslSocketConnector}); WebAppContext webAppContext = new WebAppContext(contexts, DEFAULT_WEB_APP_PATH, "/"); handlers.setHandlers(new Handler[] {contexts, new DefaultHandler()}); server.setHandler(handlers); Properties usernames = new Properties(); usernames.load(new FileReader("conf/realm.properties")); if (!usernames.isEmpty()) { HashLoginService loginService = new HashLoginService(); loginService.setName("GSNRealm"); loginService.setConfig("conf/realm.properties"); loginService.setRefreshInterval(10000); // re-reads the file every 10 seconds. Constraint constraint = new Constraint(); constraint.setName("GSN User"); constraint.setRoles(new String[] {"gsnuser"}); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); cm.setMethod("GET"); ConstraintMapping cm2 = new ConstraintMapping(); cm2.setConstraint(constraint); cm2.setPathSpec("/*"); cm2.setMethod("POST"); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); securityHandler.setLoginService(loginService); securityHandler.setConstraintMappings(new ConstraintMapping[] {cm, cm2}); securityHandler.setAuthenticator(new BasicAuthenticator()); webAppContext.setSecurityHandler(securityHandler); } server.setSendServerVersion(true); server.setStopAtShutdown(true); server.setSendServerVersion(false); server.setSessionIdManager(new HashSessionIdManager(new Random())); return server; }
public static void main(String[] args) throws Exception { String jetty_home = System.getProperty("jetty.home", "../../jetty-distribution/target/distribution"); System.setProperty("jetty.home", jetty_home); // Setup Threadpool QueuedThreadPool threadPool = new QueuedThreadPool(512); Server server = new Server(threadPool); server.manage(threadPool); server.setDumpAfterStart(false); server.setDumpBeforeStop(false); // Setup JMX MBeanContainer mbContainer = new MBeanContainer(ManagementFactory.getPlatformMBeanServer()); server.addBean(mbContainer); // Common HTTP configuration HttpConfiguration config = new HttpConfiguration(); config.setSecurePort(8443); config.addCustomizer(new ForwardedRequestCustomizer()); config.addCustomizer(new SecureRequestCustomizer()); config.setSendServerVersion(true); // Http Connector HttpConnectionFactory http = new HttpConnectionFactory(config); ServerConnector httpConnector = new ServerConnector(server, http); httpConnector.setPort(8080); httpConnector.setIdleTimeout(10000); server.addConnector(httpConnector); // SSL configurations SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(jetty_home + "/etc/keystore"); sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"); sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g"); sslContextFactory.setTrustStorePath(jetty_home + "/etc/keystore"); sslContextFactory.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"); sslContextFactory.setExcludeCipherSuites( "SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"); // Spdy Connector SPDYServerConnectionFactory.checkNPNAvailable(); PushStrategy push = new ReferrerPushStrategy(); HTTPSPDYServerConnectionFactory spdy2 = new HTTPSPDYServerConnectionFactory(2, config, push); spdy2.setInputBufferSize(8192); spdy2.setInitialWindowSize(32768); HTTPSPDYServerConnectionFactory spdy3 = new HTTPSPDYServerConnectionFactory(3, config, push); spdy2.setInputBufferSize(8192); NPNServerConnectionFactory npn = new NPNServerConnectionFactory( spdy3.getProtocol(), spdy2.getProtocol(), http.getProtocol()); npn.setDefaultProtocol(http.getProtocol()); npn.setInputBufferSize(1024); SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, npn.getProtocol()); ServerConnector spdyConnector = new ServerConnector(server, ssl, npn, spdy3, spdy2, http); spdyConnector.setPort(8443); server.addConnector(spdyConnector); // Setup handlers HandlerCollection handlers = new HandlerCollection(); ContextHandlerCollection contexts = new ContextHandlerCollection(); RequestLogHandler requestLogHandler = new RequestLogHandler(); handlers.setHandlers(new Handler[] {contexts, new DefaultHandler(), requestLogHandler}); StatisticsHandler stats = new StatisticsHandler(); stats.setHandler(handlers); server.setHandler(stats); // Setup deployers DeploymentManager deployer = new DeploymentManager(); deployer.setContexts(contexts); server.addBean(deployer); WebAppProvider webapp_provider = new WebAppProvider(); webapp_provider.setMonitoredDirName(jetty_home + "/webapps"); webapp_provider.setParentLoaderPriority(false); webapp_provider.setExtractWars(true); webapp_provider.setScanInterval(2); webapp_provider.setDefaultsDescriptor(jetty_home + "/etc/webdefault.xml"); deployer.addAppProvider(webapp_provider); HashLoginService login = new HashLoginService(); login.setName("Test Realm"); login.setConfig(jetty_home + "/etc/realm.properties"); server.addBean(login); NCSARequestLog requestLog = new AsyncNCSARequestLog(); requestLog.setFilename(jetty_home + "/logs/jetty-yyyy_mm_dd.log"); requestLog.setExtended(false); requestLogHandler.setRequestLog(requestLog); server.setStopAtShutdown(true); server.start(); server.dumpStdErr(); server.join(); }