public static final SecurityHandler basicAuth(AuthConfig config) {
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
securityHandler.setAuthenticator(new BasicAuthenticator());
securityHandler.setRealmName(config.getRealm());
ConstraintMapping constraintMapping = new ConstraintMapping();
Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, USER_ROLE);
constraint.setAuthenticate(true);
constraintMapping.setConstraint(constraint);
constraintMapping.setPathSpec("/*");
securityHandler.addConstraintMapping(constraintMapping);
HashLoginService loginService = new HashLoginService();
loginService.putUser(
config.getUsername(),
Credential.getCredential(config.getPassword()),
new String[] {USER_ROLE});
loginService.setName(config.getRealm());
securityHandler.setLoginService(loginService);
return securityHandler;
}
public static final void main(String args[]) throws Exception {
// Create the server
Server server = new Server(8080);
// Enable parsing of jndi-related parts of web.xml and jetty-env.xml
org.eclipse.jetty.webapp.Configuration.ClassList classlist =
org.eclipse.jetty.webapp.Configuration.ClassList.setServerDefault(server);
classlist.addAfter(
"org.eclipse.jetty.webapp.FragmentConfiguration",
"org.eclipse.jetty.plus.webapp.EnvConfiguration",
"org.eclipse.jetty.plus.webapp.PlusConfiguration");
classlist.addBefore(
"org.eclipse.jetty.webapp.JettyWebXmlConfiguration",
"org.eclipse.jetty.annotations.AnnotationConfiguration");
// Create a WebApp
WebAppContext webapp = new WebAppContext();
webapp.setContextPath("/");
webapp.setWar(
"../../tests/test-webapps/test-servlet-spec/test-spec-webapp/target/test-spec-webapp-9.1.0-SNAPSHOT.war");
webapp.setAttribute(
"org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern",
".*/javax.servlet-[^/]*\\.jar$|.*/servlet-api-[^/]*\\.jar$");
server.setHandler(webapp);
// Register new transaction manager in JNDI
// At runtime, the webapp accesses this as java:comp/UserTransaction
org.eclipse.jetty.plus.jndi.Transaction transactionMgr =
new org.eclipse.jetty.plus.jndi.Transaction(new com.acme.MockUserTransaction());
// Define an env entry with webapp scope.
org.eclipse.jetty.plus.jndi.EnvEntry maxAmount =
new org.eclipse.jetty.plus.jndi.EnvEntry(webapp, "maxAmount", new Double(100), true);
// Register a mock DataSource scoped to the webapp
org.eclipse.jetty.plus.jndi.Resource mydatasource =
new org.eclipse.jetty.plus.jndi.Resource(
webapp, "jdbc/mydatasource", new com.acme.MockDataSource());
// Configure a LoginService
HashLoginService loginService = new HashLoginService();
loginService.setName("Test Realm");
loginService.setConfig("src/test/resources/realm.properties");
server.addBean(loginService);
server.start();
server.join();
}
/** Creates a basic auth security handler. */
private SecurityHandler createSecurityHandler() {
HashLoginService l = new HashLoginService();
for (String[] userInfo : TestUsers.USERS) {
String user = userInfo[0];
String pwd = userInfo[1];
String[] roles = new String[] {"apiuser"};
if (user.startsWith("admin")) roles = new String[] {"apiuser", "apiadmin"};
l.putUser(user, Credential.getCredential(pwd), roles);
}
l.setName("apimanrealm");
ConstraintSecurityHandler csh = new ConstraintSecurityHandler();
csh.setAuthenticator(new BasicAuthenticator());
csh.setRealmName("apimanrealm");
csh.setLoginService(l);
return csh;
}
public Server getJettyServer(int port, int sslPort, int maxThreads) throws IOException {
Server server = new Server();
HandlerCollection handlers = new HandlerCollection();
ContextHandlerCollection contexts = new ContextHandlerCollection();
server.setThreadPool(new QueuedThreadPool(maxThreads));
SslSocketConnector sslSocketConnector = null;
if (sslPort > 0) {
System.out.println("SSL is Starting on port " + sslPort + "...");
sslSocketConnector = new SslSocketConnector();
sslSocketConnector.setPort(getContainerConfig().getSSLPort());
sslSocketConnector.setKeystore("conf/servertestkeystore");
sslSocketConnector.setPassword(getContainerConfig().getSSLKeyPassword());
sslSocketConnector.setKeyPassword(getContainerConfig().getSSLKeyStorePassword());
sslSocketConnector.setTruststore("conf/servertestkeystore");
sslSocketConnector.setTrustPassword(getContainerConfig().getSSLKeyStorePassword());
} else if (getContainerConfig().isAcEnabled())
logger.error("SSL MUST be configured in the gsn.xml file when Access Control is enabled !");
AbstractConnector connector =
new SelectChannelConnector(); // before was connector//new SocketConnector ();//using basic
// connector for windows bug; Fast
// option=>SelectChannelConnector
connector.setPort(port);
connector.setMaxIdleTime(30000);
connector.setAcceptors(2);
connector.setConfidentialPort(sslPort);
if (sslSocketConnector == null) server.setConnectors(new Connector[] {connector});
else server.setConnectors(new Connector[] {connector, sslSocketConnector});
WebAppContext webAppContext = new WebAppContext(contexts, DEFAULT_WEB_APP_PATH, "/");
handlers.setHandlers(new Handler[] {contexts, new DefaultHandler()});
server.setHandler(handlers);
Properties usernames = new Properties();
usernames.load(new FileReader("conf/realm.properties"));
if (!usernames.isEmpty()) {
HashLoginService loginService = new HashLoginService();
loginService.setName("GSNRealm");
loginService.setConfig("conf/realm.properties");
loginService.setRefreshInterval(10000); // re-reads the file every 10 seconds.
Constraint constraint = new Constraint();
constraint.setName("GSN User");
constraint.setRoles(new String[] {"gsnuser"});
constraint.setAuthenticate(true);
ConstraintMapping cm = new ConstraintMapping();
cm.setConstraint(constraint);
cm.setPathSpec("/*");
cm.setMethod("GET");
ConstraintMapping cm2 = new ConstraintMapping();
cm2.setConstraint(constraint);
cm2.setPathSpec("/*");
cm2.setMethod("POST");
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
securityHandler.setLoginService(loginService);
securityHandler.setConstraintMappings(new ConstraintMapping[] {cm, cm2});
securityHandler.setAuthenticator(new BasicAuthenticator());
webAppContext.setSecurityHandler(securityHandler);
}
server.setSendServerVersion(true);
server.setStopAtShutdown(true);
server.setSendServerVersion(false);
server.setSessionIdManager(new HashSessionIdManager(new Random()));
return server;
}
public static void main(String[] args) throws Exception {
String jetty_home =
System.getProperty("jetty.home", "../../jetty-distribution/target/distribution");
System.setProperty("jetty.home", jetty_home);
// Setup Threadpool
QueuedThreadPool threadPool = new QueuedThreadPool(512);
Server server = new Server(threadPool);
server.manage(threadPool);
server.setDumpAfterStart(false);
server.setDumpBeforeStop(false);
// Setup JMX
MBeanContainer mbContainer = new MBeanContainer(ManagementFactory.getPlatformMBeanServer());
server.addBean(mbContainer);
// Common HTTP configuration
HttpConfiguration config = new HttpConfiguration();
config.setSecurePort(8443);
config.addCustomizer(new ForwardedRequestCustomizer());
config.addCustomizer(new SecureRequestCustomizer());
config.setSendServerVersion(true);
// Http Connector
HttpConnectionFactory http = new HttpConnectionFactory(config);
ServerConnector httpConnector = new ServerConnector(server, http);
httpConnector.setPort(8080);
httpConnector.setIdleTimeout(10000);
server.addConnector(httpConnector);
// SSL configurations
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(jetty_home + "/etc/keystore");
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
sslContextFactory.setTrustStorePath(jetty_home + "/etc/keystore");
sslContextFactory.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
sslContextFactory.setExcludeCipherSuites(
"SSL_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_DSS_WITH_DES_CBC_SHA",
"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
// Spdy Connector
SPDYServerConnectionFactory.checkNPNAvailable();
PushStrategy push = new ReferrerPushStrategy();
HTTPSPDYServerConnectionFactory spdy2 = new HTTPSPDYServerConnectionFactory(2, config, push);
spdy2.setInputBufferSize(8192);
spdy2.setInitialWindowSize(32768);
HTTPSPDYServerConnectionFactory spdy3 = new HTTPSPDYServerConnectionFactory(3, config, push);
spdy2.setInputBufferSize(8192);
NPNServerConnectionFactory npn =
new NPNServerConnectionFactory(
spdy3.getProtocol(), spdy2.getProtocol(), http.getProtocol());
npn.setDefaultProtocol(http.getProtocol());
npn.setInputBufferSize(1024);
SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, npn.getProtocol());
ServerConnector spdyConnector = new ServerConnector(server, ssl, npn, spdy3, spdy2, http);
spdyConnector.setPort(8443);
server.addConnector(spdyConnector);
// Setup handlers
HandlerCollection handlers = new HandlerCollection();
ContextHandlerCollection contexts = new ContextHandlerCollection();
RequestLogHandler requestLogHandler = new RequestLogHandler();
handlers.setHandlers(new Handler[] {contexts, new DefaultHandler(), requestLogHandler});
StatisticsHandler stats = new StatisticsHandler();
stats.setHandler(handlers);
server.setHandler(stats);
// Setup deployers
DeploymentManager deployer = new DeploymentManager();
deployer.setContexts(contexts);
server.addBean(deployer);
WebAppProvider webapp_provider = new WebAppProvider();
webapp_provider.setMonitoredDirName(jetty_home + "/webapps");
webapp_provider.setParentLoaderPriority(false);
webapp_provider.setExtractWars(true);
webapp_provider.setScanInterval(2);
webapp_provider.setDefaultsDescriptor(jetty_home + "/etc/webdefault.xml");
deployer.addAppProvider(webapp_provider);
HashLoginService login = new HashLoginService();
login.setName("Test Realm");
login.setConfig(jetty_home + "/etc/realm.properties");
server.addBean(login);
NCSARequestLog requestLog = new AsyncNCSARequestLog();
requestLog.setFilename(jetty_home + "/logs/jetty-yyyy_mm_dd.log");
requestLog.setExtended(false);
requestLogHandler.setRequestLog(requestLog);
server.setStopAtShutdown(true);
server.start();
server.dumpStdErr();
server.join();
}
