org.apache.catalina.authenticator.SSLAuthenticator Java Examples
The following examples show how to use
org.apache.catalina.authenticator.SSLAuthenticator.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: TesterSupport.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
protected static void configureClientCertContext(Tomcat tomcat) { TesterSupport.initSsl(tomcat); // Need a web application with a protected and unprotected URL // No file system docBase required Context ctx = tomcat.addContext("", null); Tomcat.addServlet(ctx, "simple", new SimpleServlet()); ctx.addServletMapping("/unprotected", "simple"); ctx.addServletMapping("/protected", "simple"); // Security constraints SecurityCollection collection = new SecurityCollection(); collection.addPattern("/protected"); SecurityConstraint sc = new SecurityConstraint(); sc.addAuthRole(ROLE); sc.addCollection(collection); ctx.addConstraint(sc); // Configure the Realm MapRealm realm = new MapRealm(); realm.addUser("CN=user1, C=US", "not used"); realm.addUserRole("CN=user1, C=US", ROLE); ctx.setRealm(realm); // Configure the authenticator LoginConfig lc = new LoginConfig(); lc.setAuthMethod("CLIENT-CERT"); ctx.setLoginConfig(lc); ctx.getPipeline().addValve(new SSLAuthenticator()); }
Example #2
Source File: TesterSupport.java From tomcatsrc with Apache License 2.0 | 5 votes |
protected static void configureClientCertContext(Tomcat tomcat) { TesterSupport.initSsl(tomcat); // Need a web application with a protected and unprotected URL // No file system docBase required Context ctx = tomcat.addContext("", null); Tomcat.addServlet(ctx, "simple", new SimpleServlet()); ctx.addServletMapping("/unprotected", "simple"); ctx.addServletMapping("/protected", "simple"); // Security constraints SecurityCollection collection = new SecurityCollection(); collection.addPattern("/protected"); SecurityConstraint sc = new SecurityConstraint(); sc.addAuthRole(ROLE); sc.addCollection(collection); ctx.addConstraint(sc); // Configure the Realm MapRealm realm = new MapRealm(); realm.addUser("CN=user1, C=US", "not used"); realm.addUserRole("CN=user1, C=US", ROLE); ctx.setRealm(realm); // Configure the authenticator LoginConfig lc = new LoginConfig(); lc.setAuthMethod("CLIENT-CERT"); ctx.setLoginConfig(lc); ctx.getPipeline().addValve(new SSLAuthenticator()); }
Example #3
Source File: TomcatWsRegistry.java From tomee with Apache License 2.0 | 4 votes |
private static Context createNewContext(final ClassLoader classLoader, String authMethod, String transportGuarantee, final String realmName, final String name) { String path = name; if (path == null) { path = "/"; } if (!path.startsWith("/")) { path = "/" + path; } final StandardContext context = new IgnoredStandardContext(); context.setPath(path); context.setDocBase(""); context.setParentClassLoader(classLoader); context.setDelegate(true); context.setName(name); ((TomcatWebAppBuilder) SystemInstance.get().getComponent(WebAppBuilder.class)).initJ2EEInfo(context); // Configure security if (authMethod != null) { authMethod = authMethod.toUpperCase(); } if (transportGuarantee != null) { transportGuarantee = transportGuarantee.toUpperCase(); } if (authMethod == null || "NONE".equals(authMethod)) { //NOPMD // ignore none for now as the NonLoginAuthenticator seems to be completely hosed } else if ("BASIC".equals(authMethod) || "DIGEST".equals(authMethod) || "CLIENT-CERT".equals(authMethod)) { //Setup a login configuration final LoginConfig loginConfig = new LoginConfig(); loginConfig.setAuthMethod(authMethod); loginConfig.setRealmName(realmName); context.setLoginConfig(loginConfig); //Setup a default Security Constraint final String securityRole = SystemInstance.get().getProperty(TOMEE_JAXWS_SECURITY_ROLE_PREFIX + name, "default"); for (final String role : securityRole.split(",")) { final SecurityCollection collection = new SecurityCollection(); collection.addMethod("GET"); collection.addMethod("POST"); collection.addPattern("/*"); collection.setName(role); final SecurityConstraint sc = new SecurityConstraint(); sc.addAuthRole("*"); sc.addCollection(collection); sc.setAuthConstraint(true); sc.setUserConstraint(transportGuarantee); context.addConstraint(sc); context.addSecurityRole(role); } //Set the proper authenticator if ("BASIC".equals(authMethod)) { context.addValve(new BasicAuthenticator()); } else if ("DIGEST".equals(authMethod)) { context.addValve(new DigestAuthenticator()); } else if ("CLIENT-CERT".equals(authMethod)) { context.addValve(new SSLAuthenticator()); } else if ("NONE".equals(authMethod)) { context.addValve(new NonLoginAuthenticator()); } context.getPipeline().addValve(new OpenEJBValve()); } else { throw new IllegalArgumentException("Invalid authMethod: " + authMethod); } return context; }
Example #4
Source File: TomcatHessianRegistry.java From tomee with Apache License 2.0 | 4 votes |
private static Context createNewContext(final ClassLoader classLoader, final String rAuthMethod, final String rTransportGuarantee, final String realmName, final String name) { String path = name; if (path == null) { path = "/"; } if (!path.startsWith("/")) { path = "/" + path; } final StandardContext context = new IgnoredStandardContext(); context.setPath(path); context.setDocBase(""); context.setParentClassLoader(classLoader); context.setDelegate(true); context.setName(name); TomcatWebAppBuilder.class.cast(SystemInstance.get().getComponent(WebAppBuilder.class)).initJ2EEInfo(context); // Configure security String authMethod = rAuthMethod; if (authMethod != null) { authMethod = authMethod.toUpperCase(); } String transportGuarantee = rTransportGuarantee; if (transportGuarantee != null) { transportGuarantee = transportGuarantee.toUpperCase(); } if (authMethod != null & !"NONE".equals(authMethod)) { if ("BASIC".equals(authMethod) || "DIGEST".equals(authMethod) || "CLIENT-CERT".equals(authMethod)) { //Setup a login configuration final LoginConfig loginConfig = new LoginConfig(); loginConfig.setAuthMethod(authMethod); loginConfig.setRealmName(realmName); context.setLoginConfig(loginConfig); //Setup a default Security Constraint final String securityRole = SystemInstance.get().getProperty(TOMEE_HESSIAN_SECURITY_ROLE_PREFIX + name, "default"); for (final String role : securityRole.split(",")) { final SecurityCollection collection = new SecurityCollection(); collection.addMethod("GET"); collection.addMethod("POST"); collection.addPattern("/*"); collection.setName(role); final SecurityConstraint sc = new SecurityConstraint(); sc.addAuthRole("*"); sc.addCollection(collection); sc.setAuthConstraint(true); sc.setUserConstraint(transportGuarantee); context.addConstraint(sc); context.addSecurityRole(role); } } //Set the proper authenticator switch (authMethod) { case "BASIC": context.addValve(new BasicAuthenticator()); break; case "DIGEST": context.addValve(new DigestAuthenticator()); break; case "CLIENT-CERT": context.addValve(new SSLAuthenticator()); break; case "NONE": context.addValve(new NonLoginAuthenticator()); break; } context.getPipeline().addValve(new OpenEJBValve()); } else { throw new IllegalArgumentException("Invalid authMethod: " + authMethod); } return context; }