I have a built-in Jetty 7 implementation that works as a service and you want to add basic authentication without the web.xml file for the servlet.
I created my credentials using the steps described here
I thought I could create a server, create a security handler with basic authentication, and associate a HashLoginService with a security manager. But I clearly miss a few things because I never get credential prompts.
Below is the code. Any help would be greatly appreciated.
server = new Server(port); server.addConnector(getSslChannelConnector(securePort)); server.setGracefulShutdown(1000); server.setStopAtShutdown(true); // create the context handler for the server ServletContextHandler sch = new ServletContextHandler(server, WEBAPP_CONTEXT); // attach the security handler to it that has basic authentication sch.setSecurityHandler(getSecurityHandler()); // define the processing servlet. sch.addServlet(new ServletHolder(new ProcessingServlet()), "/process"); . . private SecurityHandler getSecurityHandler() { // add authentication Constraint constraint = new Constraint(Constraint.__BASIC_AUTH,"user"); constraint.setAuthenticate(true); constraint.setRoles(new String[]{"user","admin"}); // map the security constraint to the root path. ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); // create the security handler, set the authentication to Basic // and assign the realm. ConstraintSecurityHandler csh = new ConstraintSecurityHandler(); csh.setAuthenticator(new BasicAuthenticator()); csh.setRealmName(REALM); csh.addConstraintMapping(cm); // set the login service csh.setLoginService(getHashLoginService()); return csh; } private HashLoginService getHashLoginService() { // create the login service, assign the realm and read the user credentials // from the file /tmp/realm.properties. HashLoginService hls = new HashLoginService(); hls.setName(REALM); hls.setConfig("/tmp/realm.properties"); hls.setRefreshInterval(0); return hls; }
jspyeatt
source share