Java Code Examples for org.eclipse.jetty.util.security.Constraint#setAuthenticate()
The following examples show how to use
org.eclipse.jetty.util.security.Constraint#setAuthenticate() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: JettySecurity.java From camelinaction2 with Apache License 2.0 | 6 votes |
@Produces @Named("securityHandler") public static ConstraintSecurityHandler createSecurityHandler() { Constraint constraint = new Constraint("BASIC", "customer"); constraint.setAuthenticate(true); ConstraintMapping mapping = new ConstraintMapping(); mapping.setConstraint(constraint); mapping.setPathSpec("/*"); ConstraintSecurityHandler handler = new ConstraintSecurityHandler(); handler.addConstraintMapping(mapping); handler.setAuthenticator(new BasicAuthenticator()); handler.setLoginService(new HashLoginService("RiderAutoParts", "src/main/resources/users.properties")); return handler; }
Example 2
Source File: HttpService.java From brooklyn-server with Apache License 2.0 | 6 votes |
/** * Enables basic HTTP authentication on the server. */ public HttpService basicAuthentication(String username, String password) { HashLoginService l = new HashLoginService(); UserStore userStore = new UserStore(); userStore.addUser(username, Credential.getCredential(password), new String[]{"user"}); l.setUserStore(userStore); l.setName("test-realm"); Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, "user"); constraint.setAuthenticate(true); ConstraintMapping constraintMapping = new ConstraintMapping(); constraintMapping.setConstraint(constraint); constraintMapping.setPathSpec("/*"); ConstraintSecurityHandler csh = new ConstraintSecurityHandler(); csh.setAuthenticator(new BasicAuthenticator()); csh.setRealmName("test-realm"); csh.addConstraintMapping(constraintMapping); csh.setLoginService(l); this.securityHandler = Optional.of(csh); return this; }
Example 3
Source File: CustomInitTest.java From rest-utils with Apache License 2.0 | 6 votes |
@Override public void accept(final ServletContextHandler context) { final List<String> roles = config.getList(RestConfig.AUTHENTICATION_ROLES_CONFIG); final Constraint constraint = new Constraint(); constraint.setAuthenticate(true); constraint.setRoles(roles.toArray(new String[0])); final ConstraintMapping constraintMapping = new ConstraintMapping(); constraintMapping.setConstraint(constraint); constraintMapping.setMethod("*"); constraintMapping.setPathSpec("/*"); final ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); securityHandler.addConstraintMapping(constraintMapping); securityHandler.setAuthenticator(new BasicAuthenticator()); securityHandler.setLoginService(new TestLoginService()); securityHandler.setRealmName("TestRealm"); context.setSecurityHandler(securityHandler); }
Example 4
Source File: HttpServerUtil.java From hbase with Apache License 2.0 | 6 votes |
/** * Add constraints to a Jetty Context to disallow undesirable Http methods. * @param ctxHandler The context to modify * @param allowOptionsMethod if true then OPTIONS method will not be set in constraint mapping */ public static void constrainHttpMethods(ServletContextHandler ctxHandler, boolean allowOptionsMethod) { Constraint c = new Constraint(); c.setAuthenticate(true); ConstraintMapping cmt = new ConstraintMapping(); cmt.setConstraint(c); cmt.setMethod("TRACE"); cmt.setPathSpec("/*"); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); if (!allowOptionsMethod) { ConstraintMapping cmo = new ConstraintMapping(); cmo.setConstraint(c); cmo.setMethod("OPTIONS"); cmo.setPathSpec("/*"); securityHandler.setConstraintMappings(new ConstraintMapping[] { cmt, cmo }); } else { securityHandler.setConstraintMappings(new ConstraintMapping[] { cmt }); } ctxHandler.setSecurityHandler(securityHandler); }
Example 5
Source File: HttpProtocolServer.java From gitflow-incremental-builder with MIT License | 6 votes |
private void addBasicAuth(Server server) { ConstraintSecurityHandler security = new ConstraintSecurityHandler(); security.setAuthenticator(new BasicAuthenticator()); Constraint constraint = new Constraint(); constraint.setAuthenticate(true); constraint.setRoles(ROLES); ConstraintMapping mapping = new ConstraintMapping(); mapping.setPathSpec("/*"); mapping.setConstraint(constraint); security.setConstraintMappings(Collections.singletonList(mapping)); HashLoginService loginService = new HashLoginService(); loginService.setUserStore(buildUserStore()); server.addBean(loginService); security.setLoginService(loginService); security.setHandler(server.getHandler()); server.setHandler(security); }
Example 6
Source File: InMemoryIdentityManager.java From crnk-framework with Apache License 2.0 | 6 votes |
public InMemoryIdentityManager() { loginService = new HashLoginService(); loginService.setName(realm); securityHandler = new ConstraintSecurityHandler(); securityHandler.setAuthenticator(new BasicAuthenticator()); securityHandler.setRealmName(realm); securityHandler.setLoginService(loginService); Constraint constraint = new Constraint(); constraint.setName(Constraint.__BASIC_AUTH); // constraint.setRoles(new String[] { "getRole", "postRole", "allRole" }); constraint.setRoles(new String[]{Constraint.ANY_AUTH, "getRole", "postRole", "allRole"}); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); securityHandler.addConstraintMapping(cm); }
Example 7
Source File: GerritRestClientTest.java From gerrit-rest-java-client with Apache License 2.0 | 6 votes |
private static SecurityHandler basicAuth(String username, String password, String realm) { HashLoginService loginService = new HashLoginService(); loginService.putUser(username, Credential.getCredential(password), new String[]{"user"}); loginService.setName(realm); Constraint constraint = new Constraint(); constraint.setName(Constraint.__DIGEST_AUTH); constraint.setRoles(new String[]{"user"}); constraint.setAuthenticate(true); ConstraintMapping constraintMapping = new ConstraintMapping(); constraintMapping.setConstraint(constraint); constraintMapping.setPathSpec("/*"); ConstraintSecurityHandler csh = new ConstraintSecurityHandler(); csh.setAuthenticator(new BasicAuthenticator()); csh.setRealmName("realm"); csh.addConstraintMapping(constraintMapping); csh.setLoginService(loginService); return csh; }
Example 8
Source File: JavaxServletSyncServerITest.java From hawkular-apm with Apache License 2.0 | 5 votes |
@BeforeClass public static void initClass() throws Exception { server = new Server(8180); LoginService loginService = new HashLoginService("MyRealm", "src/test/resources/realm.properties"); server.addBean(loginService); ConstraintSecurityHandler security = new ConstraintSecurityHandler(); server.setHandler(security); Constraint constraint = new Constraint(); constraint.setName("auth"); constraint.setAuthenticate(true); constraint.setRoles(new String[] { "user", "admin" }); ConstraintMapping mapping = new ConstraintMapping(); mapping.setPathSpec("/*"); mapping.setConstraint(constraint); security.setConstraintMappings(Collections.singletonList(mapping)); security.setAuthenticator(new BasicAuthenticator()); security.setLoginService(loginService); ServletContextHandler context = new ServletContextHandler(); context.setContextPath("/"); context.addServlet(EmbeddedServlet.class, "/hello"); security.setHandler(context); server.start(); }
Example 9
Source File: ClientJettyStreamITest.java From hawkular-apm with Apache License 2.0 | 5 votes |
@BeforeClass public static void initClass() { server = new Server(8180); LoginService loginService = new HashLoginService("MyRealm", "src/test/resources/realm.properties"); server.addBean(loginService); ConstraintSecurityHandler security = new ConstraintSecurityHandler(); server.setHandler(security); Constraint constraint = new Constraint(); constraint.setName("auth"); constraint.setAuthenticate(true); constraint.setRoles(new String[] { "user", "admin" }); ConstraintMapping mapping = new ConstraintMapping(); mapping.setPathSpec("/*"); mapping.setConstraint(constraint); security.setConstraintMappings(Collections.singletonList(mapping)); security.setAuthenticator(new BasicAuthenticator()); security.setLoginService(loginService); ServletContextHandler context = new ServletContextHandler(); context.setContextPath("/"); context.addServlet(EmbeddedServlet.class, "/hello"); security.setHandler(context); try { server.start(); } catch (Exception e) { fail("Failed to start server: " + e); } }
Example 10
Source File: AuthenticationIntegrationTest.java From cruise-control with BSD 2-Clause "Simplified" License | 5 votes |
@Override public List<ConstraintMapping> constraintMappings() { ConstraintMapping mapping = new ConstraintMapping(); Constraint constraint = new Constraint(); constraint.setAuthenticate(true); constraint.setName(Constraint.__BASIC_AUTH); constraint.setRoles(new String[] { ADMIN_ROLE }); mapping.setConstraint(constraint); mapping.setPathSpec(ANY_PATH); return Collections.singletonList(mapping); }
Example 11
Source File: JettySecurity.java From camelinaction2 with Apache License 2.0 | 5 votes |
public static ConstraintSecurityHandler createSecurityHandler() { Constraint constraint = new Constraint("BASIC", "customer"); constraint.setAuthenticate(true); ConstraintMapping mapping = new ConstraintMapping(); mapping.setConstraint(constraint); mapping.setPathSpec("/*"); ConstraintSecurityHandler handler = new ConstraintSecurityHandler(); handler.addConstraintMapping(mapping); handler.setAuthenticator(new BasicAuthenticator()); handler.setLoginService(new HashLoginService("RiderAutoParts", "etc/rest-users.properties")); return handler; }
Example 12
Source File: StandaloneAdminWeb.java From chipster with MIT License | 5 votes |
public static void main(String args[]) throws Exception { org.eclipse.jetty.server.Server adminServer = new org.eclipse.jetty.server.Server(); ServerConnector connector = new ServerConnector(adminServer); connector.setPort(8083); adminServer.setConnectors(new Connector[]{ connector }); Constraint constraint = new Constraint(); constraint.setName(Constraint.__BASIC_AUTH); constraint.setRoles(new String[] {"admin_role"}); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); HashLoginService loginService = new HashLoginService("Please enter Chipster Admin username and password"); loginService.update("chipster", new Password("chipster"), new String[] {"admin_role"}); ConstraintSecurityHandler sh = new ConstraintSecurityHandler(); sh.setLoginService(loginService); sh.addConstraintMapping(cm); WebAppContext context = new WebAppContext(); File war = new File("../chipster/dist/admin-web.war"); //File war = new File("webapps/admin-web.war"); context.setWar(war.getAbsolutePath()); System.out.println(war.getAbsolutePath()); context.setContextPath("/"); context.setHandler(sh); HandlerCollection handlers = new HandlerCollection(); handlers.setHandlers(new Handler[] {context, new DefaultHandler()}); adminServer.setHandler(handlers); adminServer.start(); }
Example 13
Source File: BaleenWebApi.java From baleen with Apache License 2.0 | 5 votes |
private Constraint getConstraintForPermission(WebPermission permission) { Constraint constraint = new Constraint(); constraint.setName(permission.getName()); if (permission.hasRoles()) { constraint.setRoles(permission.getRoles()); } constraint.setAuthenticate(permission.isAuthenticated()); return constraint; }
Example 14
Source File: HttpReceiverServerPush.java From datacollector with Apache License 2.0 | 5 votes |
public static SecurityHandler getBasicAuthHandler(HttpSourceConfigs httpCourceConf) { List<CredentialValueUserPassBean> basicAuthUsers = httpCourceConf.getBasicAuthUsers(); HashLoginService loginService = new HashLoginService(); UserStore userStore = new UserStore(); boolean empty = true; for (CredentialValueUserPassBean userPassBean : basicAuthUsers) { String username = userPassBean.getUsername(); String password = userPassBean.get(); if(StringUtils.isNotEmpty(username) && StringUtils.isNotEmpty(password)) { userStore.addUser(username, new Password(password), new String[]{"sdc"}); empty = false; } } if(empty) { return null; } loginService.setUserStore(userStore); Constraint constraint = new Constraint(Constraint.__BASIC_AUTH,"sdc"); constraint.setAuthenticate(true); ConstraintMapping mapping = new ConstraintMapping(); mapping.setConstraint(constraint); mapping.setPathSpec("/*"); ConstraintSecurityHandler handler = new ConstraintSecurityHandler(); handler.setAuthenticator(new BasicAuthenticator()); handler.addConstraintMapping(mapping); handler.setLoginService(loginService); return handler; }
Example 15
Source File: JettyServer.java From selenium with Apache License 2.0 | 4 votes |
public JettyServer(BaseServerOptions options, HttpHandler handler) { this.handler = Require.nonNull("Handler", handler); int port = options.getPort() == 0 ? PortProber.findFreePort() : options.getPort(); String host = options.getHostname().orElseGet(() -> { try { return new NetworkUtils().getNonLoopbackAddressOfThisMachine(); } catch (WebDriverException ignored) { return "localhost"; } }); try { this.url = new URL("http", host, port, ""); } catch (MalformedURLException e) { throw new UncheckedIOException(e); } Log.setLog(new JavaUtilLog()); this.server = new org.eclipse.jetty.server.Server( new QueuedThreadPool(options.getMaxServerThreads())); this.servletContextHandler = new ServletContextHandler(ServletContextHandler.SECURITY); ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) servletContextHandler.getSecurityHandler(); Constraint disableTrace = new Constraint(); disableTrace.setName("Disable TRACE"); disableTrace.setAuthenticate(true); ConstraintMapping disableTraceMapping = new ConstraintMapping(); disableTraceMapping.setConstraint(disableTrace); disableTraceMapping.setMethod("TRACE"); disableTraceMapping.setPathSpec("/"); securityHandler.addConstraintMapping(disableTraceMapping); Constraint enableOther = new Constraint(); enableOther.setName("Enable everything but TRACE"); ConstraintMapping enableOtherMapping = new ConstraintMapping(); enableOtherMapping.setConstraint(enableOther); enableOtherMapping.setMethodOmissions(new String[]{"TRACE"}); enableOtherMapping.setPathSpec("/"); securityHandler.addConstraintMapping(enableOtherMapping); // Allow CORS: Whether the Selenium server should allow web browser connections from any host if (options.getAllowCORS()) { FilterHolder filterHolder = servletContextHandler.addFilter(CrossOriginFilter.class, "/*", EnumSet .of(DispatcherType.REQUEST)); filterHolder.setInitParameter("allowedMethods", "GET,POST,PUT,DELETE,HEAD"); // Warning user LOG.warning("You have enabled CORS requests from any host. " + "Be careful not to visit sites which could maliciously " + "try to start Selenium sessions on your machine"); } server.setHandler(servletContextHandler); HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSecureScheme("https"); ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(httpConfig)); options.getHostname().ifPresent(http::setHost); http.setPort(getUrl().getPort()); http.setIdleTimeout(500000); server.setConnectors(new Connector[]{http}); }
Example 16
Source File: ODataTestServer.java From syndesis with Apache License 2.0 | 4 votes |
@SuppressWarnings( "deprecation" ) private void initServer(SSLContext sslContext, String userName) throws UnknownHostException { ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS); context.setContextPath(FORWARD_SLASH); this.setHandler(context); ServletHandler productsHandler = new ServletHandler(); productsHandler.addServletWithMapping( ProductsServlet.class, FORWARD_SLASH + PRODUCTS_SVC + FORWARD_SLASH + STAR); productsHandler.addFilterWithMapping(ODataPathFilter.class, FORWARD_SLASH + STAR, FilterMapping.REQUEST); context.insertHandler(productsHandler); if (userName != null) { LoginService loginService = new HashLoginService("MyRealm", "src/test/resources/realm.properties"); this.addBean(loginService); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); Constraint constraint = new Constraint(); constraint.setName("auth"); constraint.setAuthenticate(true); constraint.setRoles(new String[] { USER, "admin" }); ConstraintMapping mapping = new ConstraintMapping(); mapping.setPathSpec(FORWARD_SLASH + PRODUCTS_SVC + FORWARD_SLASH + STAR); mapping.setConstraint(constraint); securityHandler.setConstraintMappings(Collections.singletonList(mapping)); securityHandler.setAuthenticator(new BasicAuthenticator()); context.setSecurityHandler(securityHandler); } httpConnector = new ServerConnector(this); httpConnector.setPort(httpPort); // Finds next available port if still 0 this.addConnector(httpConnector); if (sslContext != null) { // HTTPS HttpConfiguration httpConfiguration = new HttpConfiguration(); httpConfiguration.setSecureScheme("https"); httpConfiguration.setSecurePort(httpsPort); // Finds next available port if still 0 httpConfiguration.addCustomizer(new SecureRequestCustomizer()); final SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setSslContext(sslContext); httpsConnector = new ServerConnector(this, sslContextFactory, new HttpConnectionFactory(httpConfiguration)); httpsConnector.setPort(httpsPort); // Finds next available port if still 0 this.addConnector(httpsConnector); } }
Example 17
Source File: LotteryApplication.java From keycloak-dropwizard-integration with Apache License 2.0 | 4 votes |
@Override public void run(LotteryConfiguration configuration, Environment environment) throws ClassNotFoundException, IOException { // tag::constraint[] ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); environment.getApplicationContext().setSecurityHandler(securityHandler); securityHandler.addRole("user"); ConstraintMapping constraintMapping = new ConstraintMapping(); constraintMapping.setPathSpec("/*"); Constraint constraint = new Constraint(); // end::constraint[] /* if I put false here, there will be deferred authentication. This will not work when using oAuth redirects (as they will not make it to the front end). The DeferredAuthentication will swallow them. This might be different with a bearer token?! */ // tag::constraint[] constraint.setAuthenticate(true); constraint.setRoles(new String[]{"user"}); constraintMapping.setConstraint(constraint); securityHandler.addConstraintMapping(constraintMapping); // end::constraint[] // tag::keycloak[] KeycloakJettyAuthenticator keycloak = new KeycloakJettyAuthenticator(); environment.getApplicationContext().getSecurityHandler().setAuthenticator(keycloak); keycloak.setAdapterConfig(configuration.getKeycloakConfiguration()); // end::keycloak[] // allow (stateful) sessions in Dropwizard, needed for Keycloak environment.jersey().register(HttpSessionFactory.class); environment.servlets().setSessionHandler(new SessionHandler()); // register web resources. environment.jersey().register(DrawRessource.class); // support annotation @RolesAllowed // tag::roles[] environment.jersey().register(RolesAllowedDynamicFeature.class); // end::roles[] }
Example 18
Source File: TestWebServicesFetcher.java From datacollector with Apache License 2.0 | 4 votes |
protected void runServer(int port, boolean serverSsl, boolean clientSsl, String httpAuth, Callable<Void> test) throws Exception { Server server = createServer(port, serverSsl, clientSsl); ServletContextHandler contextHandler = new ServletContextHandler(); if (!httpAuth.equals("none")) { File realmFile = new File(getConfDir(), httpAuth + ".properties"); LoginService loginService = new HashLoginService(httpAuth, realmFile.getAbsolutePath()); server.addBean(loginService); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); switch (httpAuth) { case "basic": securityHandler.setAuthenticator(new BasicAuthenticator()); break; case "digest": securityHandler.setAuthenticator(new DigestAuthenticator()); break; } securityHandler.setLoginService(loginService); Constraint constraint = new Constraint(); constraint.setName("auth"); constraint.setAuthenticate(true); constraint.setRoles(new String[]{"user"}); ConstraintMapping mapping = new ConstraintMapping(); mapping.setPathSpec("/*"); mapping.setConstraint(constraint); securityHandler.addConstraintMapping(mapping); contextHandler.setSecurityHandler(securityHandler); } MockCyberArkServlet servlet = new MockCyberArkServlet(); contextHandler.addServlet(new ServletHolder(servlet), "/AIMWebService/api/Accounts"); contextHandler.setContextPath("/"); server.setHandler(contextHandler); try { server.start(); test.call(); } finally { server.stop(); } }
Example 19
Source File: HttpReceiverServerPush.java From datacollector with Apache License 2.0 | 4 votes |
public static SecurityHandler getSpnegoAuthHandler(HttpSourceConfigs httpCourceConf, Stage.Context context) throws StageException { String domainRealm = httpCourceConf.getSpnegoConfigBean().getKerberosRealm(); String principal = httpCourceConf.getSpnegoConfigBean().getSpnegoPrincipal(); String keytab = httpCourceConf.getSpnegoConfigBean().getSpnegoKeytabFilePath(); File f = new File(context.getResourcesDirectory()+"/spnego.conf"); try { PrintWriter pw = new PrintWriter(f); pw.println(String.format(JGSS_INITITATE ,principal,keytab) +"\n"+ String.format(JGSS_ACCEPT,principal,keytab)); pw.close(); } catch (IOException e) { throw new StageException(Errors.HTTP_36, e); } System.setProperty(JAVAX_SECURITY_AUTH_USE_SUBJECT_CREDS_ONLY, "false"); System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, context.getResourcesDirectory()+"/spnego.conf"); Constraint constraint = new Constraint(); constraint.setName(Constraint.__SPNEGO_AUTH); constraint.setRoles(new String[]{domainRealm}); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); SpnegoLoginService loginService = new SpnegoLoginService(){ @Override protected void doStart() throws Exception { // Override the parent implementation to set the targetName without having // an extra .properties file. final Field targetNameField = SpnegoLoginService.class.getDeclaredField(TARGET_NAME_FIELD_NAME); targetNameField.setAccessible(true); targetNameField.set(this, principal); } }; loginService.setName(domainRealm); ConstraintSecurityHandler csh = new ConstraintSecurityHandler(); csh.setAuthenticator(new SpnegoAuthenticator()); csh.setLoginService(loginService); csh.setConstraintMappings(new ConstraintMapping[]{cm}); csh.setRealmName(domainRealm); return csh; }
Example 20
Source File: Manager.java From chipster with MIT License | 4 votes |
private void startAdmin(Configuration configuration) throws IOException, Exception { org.eclipse.jetty.server.Server adminServer = new org.eclipse.jetty.server.Server(); ServerConnector connector = new ServerConnector(adminServer); connector.setPort(configuration.getInt("manager", "admin-port")); adminServer.setConnectors(new Connector[]{ connector }); Constraint constraint = new Constraint(); constraint.setName(Constraint.__BASIC_AUTH); constraint.setRoles(new String[] {ADMIN_ROLE}); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); HashLoginService loginService = new HashLoginService("Please enter Chipster Admin username and password"); loginService.update(configuration.getString("manager", "admin-username"), new Password(configuration.getString("manager", "admin-password")), new String[] {ADMIN_ROLE}); ConstraintSecurityHandler sh = new ConstraintSecurityHandler(); sh.setLoginService(loginService); sh.addConstraintMapping(cm); WebAppContext context = new WebAppContext(); context.setWar(new File(DirectoryLayout.getInstance().getWebappsDir(), "admin-web.war").getAbsolutePath()); context.setContextPath("/"); // context.setDescriptor(new ClassPathResource("WebContent/WEB-INF/web.xml").getURI().toString()); // context.setResourceBase(new ClassPathResource("WebContent").getURI().toString()); // context.setContextPath("/"); // context.setParentLoaderPriority(true); context.setHandler(sh); HandlerCollection handlers = new HandlerCollection(); handlers.setHandlers(new Handler[] {context, new DefaultHandler()}); adminServer.setHandler(handlers); adminServer.start(); }