Java Code Examples for org.eclipse.jetty.security.ConstraintMapping#setMethod()
The following examples show how to use
org.eclipse.jetty.security.ConstraintMapping#setMethod() .
Example 1
Source File: BaleenWebApi.java From baleen with Apache License 2.0 | 6 votes |
/**
 * Registers a servlet on {@code path} and records one constraint mapping per permission.
 *
 * <p>When {@code permissions} is null or empty, no constraint mapping is recorded by this
 * method, so it adds no access restriction for the path.
 *
 * @param servlet the servlet to register
 * @param path the path the servlet is mounted on, relative to the context
 * @param permissions permissions to translate into constraint mappings; may be null or empty
 */
private void addServlet(final Servlet servlet, final String path, WebPermission... permissions) {
  servletContextHandler.addServlet(new ServletHolder(servlet), path);

  // A zero-length array simply skips the loop, so only null needs an explicit guard.
  if (permissions != null) {
    for (int i = 0; i < permissions.length; i++) {
      final WebPermission permission = permissions[i];
      final Constraint required = getConstraintForPermission(permission);

      final ConstraintMapping entry = new ConstraintMapping();
      entry.setPathSpec(servletContextHandler.getContextPath() + path);
      entry.setConstraint(required);
      // Without an explicit method the mapping carries no method restriction
      // (presumably Jetty then applies it to every HTTP method - confirm).
      if (permission.hasMethod()) {
        entry.setMethod(permission.getMethod().name());
      }

      constraintMappings.add(entry);
    }
  }

  LOGGER.info("Servlet added on path {}", path);
}
Example 2
Source File: HttpServerUtil.java From hbase with Apache License 2.0 | 6 votes |
/**
 * Installs a security handler on a Jetty context that constrains unwanted HTTP methods.
 *
 * <p>TRACE is always constrained on {@code /*}; OPTIONS is constrained as well unless
 * {@code allowOptionsMethod} is true. The constraint requires authentication but names no
 * roles (NOTE(review): Jetty presumably treats such a constraint as forbidden - confirm).
 * The context's security handler is replaced by the one built here.
 *
 * @param ctxHandler The context to modify
 * @param allowOptionsMethod if true then OPTIONS method will not be set in constraint mapping
 */
public static void constrainHttpMethods(ServletContextHandler ctxHandler,
    boolean allowOptionsMethod) {
  Constraint denied = new Constraint();
  denied.setAuthenticate(true);

  ConstraintMapping traceMapping = new ConstraintMapping();
  traceMapping.setConstraint(denied);
  traceMapping.setMethod("TRACE");
  traceMapping.setPathSpec("/*");

  ConstraintMapping[] mappings;
  if (allowOptionsMethod) {
    mappings = new ConstraintMapping[] { traceMapping };
  } else {
    // Same constraint object, second method: OPTIONS is handled like TRACE.
    ConstraintMapping optionsMapping = new ConstraintMapping();
    optionsMapping.setConstraint(denied);
    optionsMapping.setMethod("OPTIONS");
    optionsMapping.setPathSpec("/*");
    mappings = new ConstraintMapping[] { traceMapping, optionsMapping };
  }

  ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
  securityHandler.setConstraintMappings(mappings);
  ctxHandler.setSecurityHandler(securityHandler);
}
Example 3
Source File: AuthUtil.java From rest-utils with Apache License 2.0 | 6 votes |
/**
 * Creates the constraint mapping for one path, either authenticated or open.
 *
 * <p>With {@code authenticate} set, the roles come from
 * {@code RestConfig.AUTHENTICATION_ROLES_CONFIG}. If CORS is also enabled, OPTIONS is listed
 * as a method omission, so OPTIONS requests on this path are left outside the authenticated
 * constraint.
 *
 * @param restConfig the rest app's config.
 * @param authenticate authentication flag.
 * @param pathSpec path for constraint.
 * @return the constraint mapping.
 */
private static ConstraintMapping createConstraint(
    final RestConfig restConfig,
    final boolean authenticate,
    final String pathSpec
) {
  final Constraint rule = new Constraint();
  rule.setAuthenticate(authenticate);
  if (authenticate) {
    // NOTE(review): an empty role list together with authenticate=true presumably makes
    // Jetty treat the path as forbidden rather than open - confirm.
    final List<String> allowedRoles =
        restConfig.getList(RestConfig.AUTHENTICATION_ROLES_CONFIG);
    rule.setRoles(allowedRoles.toArray(new String[0]));
  }

  final ConstraintMapping result = new ConstraintMapping();
  result.setConstraint(rule);
  result.setMethod("*");
  if (authenticate) {
    if (AuthUtil.isCorsEnabled(restConfig)) {
      // OPTIONS is exempted only when authentication and CORS are both on.
      result.setMethodOmissions(new String[]{"OPTIONS"});
    }
  }
  result.setPathSpec(pathSpec);
  return result;
}
Example 4
Source File: CustomInitTest.java From rest-utils with Apache License 2.0 | 6 votes |
/**
 * Protects the whole context ({@code /*}, method {@code "*"}) with HTTP Basic authentication.
 *
 * <p>The permitted roles are read from {@code RestConfig.AUTHENTICATION_ROLES_CONFIG}. The
 * login service and realm are test fixtures ({@code TestLoginService}, "TestRealm").
 * Basic authentication sends the credentials with each request, so outside a test it
 * belongs behind TLS.
 *
 * @param context the servlet context whose security handler is replaced
 */
@Override
public void accept(final ServletContextHandler context) {
  final Constraint authRequired = new Constraint();
  authRequired.setAuthenticate(true);
  final List<String> allowedRoles = config.getList(RestConfig.AUTHENTICATION_ROLES_CONFIG);
  authRequired.setRoles(allowedRoles.toArray(new String[0]));

  final ConstraintMapping everything = new ConstraintMapping();
  everything.setPathSpec("/*");
  everything.setMethod("*");
  everything.setConstraint(authRequired);

  final ConstraintSecurityHandler handler = new ConstraintSecurityHandler();
  handler.setRealmName("TestRealm");
  handler.setLoginService(new TestLoginService());
  handler.setAuthenticator(new BasicAuthenticator());
  handler.addConstraintMapping(everything);

  context.setSecurityHandler(handler);
}
Example 5
Source File: AppEngineAuthenticationTest.java From appengine-java-vm-runtime with Apache License 2.0 | 5 votes |
/**
 * Adds an authenticated, role-restricted constraint for GET requests on {@code path}.
 *
 * <p>The mapping names only the GET method, so requests that use any other method on the
 * same path are not covered by the constraint added here.
 *
 * @param handler the security handler that receives the mapping
 * @param path the path spec to protect
 * @param name the constraint name
 * @param roles the roles allowed to access the path
 */
private void addConstraint(
    ConstraintSecurityHandler handler, String path, String name, String... roles) {
  Constraint rule = new Constraint();
  rule.setAuthenticate(true);
  rule.setRoles(roles);
  rule.setName(name);

  ConstraintMapping getOnly = new ConstraintMapping();
  getOnly.setConstraint(rule);
  getOnly.setPathSpec(path);
  getOnly.setMethod("GET");

  handler.addConstraintMapping(getOnly);
}
Example 6
Source File: WebServerTask.java From datacollector with Apache License 2.0 | 4 votes |
/**
 * Builds the constraint mappings for the web server.
 *
 * <p>Authenticated, role "user": {@code /rest/*}, {@code /logout}, the index page (empty
 * path spec) and {@code /docs/*}. Unauthenticated: {@code /*} and {@code /public-rest/*}.
 * TRACE is constrained on {@code /*} by a constraint that requires authentication but
 * names no roles.
 *
 * <p>Because {@code /*} is mapped without authentication, any path that has no more
 * specific mapping in this list is left open (NOTE(review): this assumes Jetty prefers the
 * most specific path match - confirm). New endpoints therefore need their own mapping.
 *
 * @return the mappings, in the order they are handed to the security handler
 */
private List<ConstraintMapping> createConstraintMappings() {
  // --- TRACE: authentication required, no roles ---
  Constraint traceRule = new Constraint();
  traceRule.setName("Disable TRACE");
  traceRule.setAuthenticate(true);
  ConstraintMapping traceEntry = new ConstraintMapping();
  traceEntry.setPathSpec("/*");
  traceEntry.setMethod("TRACE");
  traceEntry.setConstraint(traceRule);

  // --- /rest/*: restricted ---
  Constraint restRule = new Constraint();
  restRule.setName("auth");
  restRule.setAuthenticate(true);
  restRule.setRoles(new String[] { "user"});
  ConstraintMapping restEntry = new ConstraintMapping();
  restEntry.setPathSpec("/rest/*");
  restEntry.setConstraint(restRule);

  // --- index page: restricted so that form authentication triggers the login ---
  Constraint indexRule = new Constraint();
  indexRule.setName("auth");
  indexRule.setAuthenticate(true);
  indexRule.setRoles(new String[] { "user"});
  ConstraintMapping indexEntry = new ConstraintMapping();
  indexEntry.setPathSpec("");
  indexEntry.setConstraint(indexRule);

  // --- /docs/*: restricted, sharing the index page's constraint object ---
  ConstraintMapping docsEntry = new ConstraintMapping();
  docsEntry.setPathSpec("/docs/*");
  docsEntry.setConstraint(indexRule);

  // --- /logout: restricted ---
  Constraint logoutRule = new Constraint();
  logoutRule.setName("auth");
  logoutRule.setAuthenticate(true);
  logoutRule.setRoles(new String[] { "user"});
  ConstraintMapping logoutEntry = new ConstraintMapping();
  logoutEntry.setPathSpec("/logout");
  logoutEntry.setConstraint(logoutRule);

  // --- /*: public. Roles are set, but authenticate is false
  //     (presumably the roles then have no effect - confirm). ---
  Constraint openRule = new Constraint();
  openRule.setName("auth");
  openRule.setAuthenticate(false);
  openRule.setRoles(new String[]{"user"});
  ConstraintMapping openEntry = new ConstraintMapping();
  openEntry.setPathSpec("/*");
  openEntry.setConstraint(openRule);

  // --- /public-rest/*: public, configured the same way as /* ---
  Constraint publicRestRule = new Constraint();
  publicRestRule.setName("auth");
  publicRestRule.setAuthenticate(false);
  publicRestRule.setRoles(new String[] { "user"});
  ConstraintMapping publicRestEntry = new ConstraintMapping();
  publicRestEntry.setPathSpec("/public-rest/*");
  publicRestEntry.setConstraint(publicRestRule);

  return ImmutableList.of(
      traceEntry,
      restEntry,
      indexEntry,
      docsEntry,
      logoutEntry,
      openEntry,
      publicRestEntry
  );
}
Example 7
Source File: JettyServer.java From selenium with Apache License 2.0 | 4 votes |
/**
 * Configures an embedded Jetty server: URL, thread pool, TRACE constraint, optional CORS
 * filter and a single plain-HTTP connector.
 *
 * <p>Security-relevant behaviour visible here:
 * <ul>
 *   <li>TRACE is mapped to a constraint that requires authentication and names no roles;
 *       all other methods get a constraint with no authentication.</li>
 *   <li>When CORS is enabled only {@code allowedMethods} is set on the filter; allowed
 *       origins are not restricted here, which matches the "from any host" warning.</li>
 *   <li>The connector host is set only when a hostname is configured (NOTE(review):
 *       otherwise Jetty presumably listens on all interfaces - confirm).</li>
 * </ul>
 *
 * @param options server options (port, hostname, thread count, CORS switch)
 * @param handler the HTTP handler; must not be null
 */
public JettyServer(BaseServerOptions options, HttpHandler handler) {
  this.handler = Require.nonNull("Handler", handler);

  // Port 0 means "pick any free port".
  int port;
  if (options.getPort() == 0) {
    port = PortProber.findFreePort();
  } else {
    port = options.getPort();
  }

  // The advertised host falls back to a non-loopback address, then to "localhost".
  String host = options.getHostname().orElseGet(() -> {
    try {
      return new NetworkUtils().getNonLoopbackAddressOfThisMachine();
    } catch (WebDriverException ignored) {
      return "localhost";
    }
  });

  try {
    this.url = new URL("http", host, port, "");
  } catch (MalformedURLException e) {
    throw new UncheckedIOException(e);
  }

  Log.setLog(new JavaUtilLog());
  this.server = new org.eclipse.jetty.server.Server(
      new QueuedThreadPool(options.getMaxServerThreads()));

  this.servletContextHandler = new ServletContextHandler(ServletContextHandler.SECURITY);
  ConstraintSecurityHandler constraints =
      (ConstraintSecurityHandler) servletContextHandler.getSecurityHandler();

  // TRACE: authentication required, no roles.
  // NOTE(review): the path spec is "/" rather than "/*" - confirm it covers every path.
  Constraint traceRule = new Constraint();
  traceRule.setName("Disable TRACE");
  traceRule.setAuthenticate(true);
  ConstraintMapping traceEntry = new ConstraintMapping();
  traceEntry.setConstraint(traceRule);
  traceEntry.setMethod("TRACE");
  traceEntry.setPathSpec("/");
  constraints.addConstraintMapping(traceEntry);

  // Every method except TRACE: no authentication.
  Constraint otherRule = new Constraint();
  otherRule.setName("Enable everything but TRACE");
  ConstraintMapping otherEntry = new ConstraintMapping();
  otherEntry.setConstraint(otherRule);
  otherEntry.setMethodOmissions(new String[]{"TRACE"});
  otherEntry.setPathSpec("/");
  constraints.addConstraintMapping(otherEntry);

  // Allow CORS: Whether the Selenium server should allow web browser connections from any host
  if (options.getAllowCORS()) {
    FilterHolder corsFilter = servletContextHandler.addFilter(
        CrossOriginFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
    corsFilter.setInitParameter("allowedMethods", "GET,POST,PUT,DELETE,HEAD");

    // Warning user
    LOG.warning("You have enabled CORS requests from any host. "
                + "Be careful not to visit sites which could maliciously "
                + "try to start Selenium sessions on your machine");
  }

  server.setHandler(servletContextHandler);

  // One plain-HTTP connector; "https" is only recorded as the secure scheme.
  HttpConfiguration httpConfig = new HttpConfiguration();
  httpConfig.setSecureScheme("https");
  ServerConnector connector = new ServerConnector(server, new HttpConnectionFactory(httpConfig));
  options.getHostname().ifPresent(connector::setHost);
  connector.setPort(getUrl().getPort());
  connector.setIdleTimeout(500000);

  server.setConnectors(new Connector[]{connector});
}