public InputStreamWrapper(InputStream is, byte[] boundary) {
_wrapped = is;
_boundary = Arrays.copyOf(BOUNDARY_PREFIX, BOUNDARY_PREFIX.length + boundary.length);
System.arraycopy(boundary, 0, _boundary, BOUNDARY_PREFIX.length, boundary.length);
_lookAheadBuf = new byte[_boundary.length];
_lookAheadLen = 0;
}
@SuppressWarnings("unused")
protected static void logRequest(
String method, HttpServletRequest request, HttpServletResponse response) {
Log.httpd(
method,
request.getRequestURI(),
getStatus(),
System.currentTimeMillis() - getStartMillis());
}
private int readInternal(byte b[], int off, int len) throws IOException {
if (len < _lookAheadLen) {
System.arraycopy(_lookAheadBuf, 0, b, off, len);
_lookAheadLen -= len;
System.arraycopy(_lookAheadBuf, len, _lookAheadBuf, 0, _lookAheadLen);
return len;
}
if (_lookAheadLen > 0) {
System.arraycopy(_lookAheadBuf, 0, b, off, _lookAheadLen);
off += _lookAheadLen;
len -= _lookAheadLen;
int r = Math.max(_wrapped.read(b, off, len), 0) + _lookAheadLen;
_lookAheadLen = 0;
return r;
} else {
return _wrapped.read(b, off, len);
}
}
private static void startRequestLifecycle() {
_startMillis.set(System.currentTimeMillis());
_status.set(999);
}
protected void createServer(Connector connector) throws Exception {
_server.setConnectors(new Connector[] {connector});
if (H2O.ARGS.hash_login || H2O.ARGS.ldap_login) {
// REFER TO
// http://www.eclipse.org/jetty/documentation/9.1.4.v20140401/embedded-examples.html#embedded-secured-hello-handler
if (H2O.ARGS.login_conf == null) {
Log.err("Must specify -login_conf argument");
H2O.exit(1);
}
LoginService loginService;
if (H2O.ARGS.hash_login) {
Log.info("Configuring HashLoginService");
loginService = new HashLoginService("H2O", H2O.ARGS.login_conf);
} else if (H2O.ARGS.ldap_login) {
Log.info("Configuring JAASLoginService (with LDAP)");
System.setProperty("java.security.auth.login.config", H2O.ARGS.login_conf);
loginService = new JAASLoginService("ldaploginmodule");
} else {
throw H2O.fail();
}
IdentityService identityService = new DefaultIdentityService();
loginService.setIdentityService(identityService);
_server.addBean(loginService);
// Set a security handler as the first handler in the chain.
ConstraintSecurityHandler security = new ConstraintSecurityHandler();
// Set up a constraint to authenticate all calls, and allow certain roles in.
Constraint constraint = new Constraint();
constraint.setName("auth");
constraint.setAuthenticate(true);
// Configure role stuff (to be disregarded). We are ignoring roles, and only going off the
// user name.
//
// Jetty 8 and prior.
//
// Jetty 8 requires the security.setStrict(false) and ANY_ROLE.
security.setStrict(false);
constraint.setRoles(new String[] {Constraint.ANY_ROLE});
// Jetty 9 and later.
//
// Jetty 9 and later uses a different servlet spec, and ANY_AUTH gives the same behavior
// for that API version as ANY_ROLE did previously. This required some low-level
// debugging
// to figure out, so I'm documenting it here.
// Jetty 9 did not require security.setStrict(false).
//
// constraint.setRoles(new String[]{Constraint.ANY_AUTH});
ConstraintMapping mapping = new ConstraintMapping();
mapping.setPathSpec("/*"); // Lock down all API calls
mapping.setConstraint(constraint);
security.setConstraintMappings(Collections.singletonList(mapping));
// Authentication / Authorization
security.setAuthenticator(new BasicAuthenticator());
security.setLoginService(loginService);
// Pass-through to H2O if authenticated.
registerHandlers(security);
_server.setHandler(security);
} else {
registerHandlers(_server);
}
_server.start();
}
public void setup(String ip, int port) {
_ip = ip;
_port = port;
System.setProperty(
"org.eclipse.jetty.server.Request.maxFormContentSize", Integer.toString(Integer.MAX_VALUE));
}