Refine search
l.setName(realm); Constraint constraint = new Constraint(); constraint.setName(Constraint.__BASIC_AUTH); constraint.setRoles(new String[]{"user"}); constraint.setAuthenticate(true); Constraint noConstraint = new Constraint(); ConstraintMapping healthcheckConstraintMapping = new ConstraintMapping(); healthcheckConstraintMapping.setConstraint(noConstraint); healthcheckConstraintMapping.setPathSpec("/api/v1/health/check"); ConstraintMapping cm = new ConstraintMapping(); cm.setPathSpec("/*"); ConstraintSecurityHandler csh = new ConstraintSecurityHandler(); csh.setAuthenticator(new BasicAuthenticator()); csh.setRealmName("myrealm"); csh.addConstraintMapping(healthcheckConstraintMapping); csh.addConstraintMapping(cm); csh.setLoginService(l);
final ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); contextHandler.insertHandler(securityHandler); final Constraint constraint = new Constraint(); constraint.setName("auth"); constraint.setAuthenticate(true); constraint.setRoles(roles.split(",")); final ConstraintMapping constraintMapping = new ConstraintMapping(); constraintMapping.setPathSpec(context.getProperty(AUTH_PATH_SPEC).evaluateAttributeExpressions().getValue()); constraintMapping.setConstraint(constraint); securityHandler.setAuthenticatorFactory(authenticatorFactory); securityHandler.setAuthMethod(Constraint.__BASIC_AUTH); securityHandler.setRealmName(getClass().getSimpleName()); securityHandler.setConstraintMappings(Collections.singletonList(constraintMapping)); securityHandler.setLoginService(loginService);
/** * Secure the web server with PAM. */ void setupPam(Builder b, Handler handler) { LoginService loginService = new PamLoginService(); webServer.addBean(loginService); ConstraintSecurityHandler security = new ConstraintSecurityHandler(); Constraint constraint = new PamConstraint(); ConstraintMapping mapping = new PamConstraintMapping(constraint); security.setConstraintMappings(Collections.singletonList(mapping)); security.setAuthenticator(b.pamAuthenticator); security.setLoginService(loginService); security.setHandler(handler); webServer.setHandler(security); }
/** * Generate constraints for the Flume HTTP Source * @return ConstraintSecurityHandler for use with Jetty servlet */ public static ConstraintSecurityHandler enforceConstraints() { Constraint c = new Constraint(); c.setAuthenticate(true); ConstraintMapping cmt = new ConstraintMapping(); cmt.setConstraint(c); cmt.setMethod("TRACE"); cmt.setPathSpec("/*"); ConstraintMapping cmo = new ConstraintMapping(); cmo.setConstraint(c); cmo.setMethod("OPTIONS"); cmo.setPathSpec("/*"); ConstraintSecurityHandler sh = new ConstraintSecurityHandler(); sh.setConstraintMappings(new ConstraintMapping[]{cmt, cmo}); return sh; } }
protected void configureTraceMethod(ConstraintSecurityHandler securityHandler, boolean enableTrace) { Constraint constraint = new Constraint(); constraint.setName("trace-security"); //If enableTrace is true, then we want to set authenticate to false to allow it constraint.setAuthenticate(!enableTrace); ConstraintMapping mapping = new ConstraintMapping(); mapping.setConstraint(constraint); mapping.setMethod("TRACE"); mapping.setPathSpec("/"); securityHandler.addConstraintMapping(mapping); }
constraint.setRoles(new String[] { "user" }); ConstraintMapping mapping = new ConstraintMapping(); mapping.setPathSpec("/*"); mapping.setConstraint(constraint); ConstraintSecurityHandler sh = new ConstraintSecurityHandler(); sh.addConstraintMapping(mapping); sh.setAuthenticator(new BasicAuthenticator()); sh.setLoginService(loginService); sh.setStrict(true); sh.setHandler(handlers); server.setHandler(sh); } else {
public static void addPathConstraint(ConstraintSecurityHandler securityHandler, String pathSpec, String role) { Objects.requireNonNull(securityHandler); Objects.requireNonNull(pathSpec); ConstraintMapping mapping = new ConstraintMapping(); Constraint constraint = new Constraint(); String[] roles = new String[]{role}; constraint.setRoles(roles); constraint.setName(securityHandler.getAuthenticator().getAuthMethod()); constraint.setAuthenticate(true); mapping.setConstraint(constraint); mapping.setPathSpec(pathSpec); securityHandler.addConstraintMapping(mapping); }
private void auth(ServletContextHandler ctx, Authenticator authType) { final String role = "can-access"; MappedLoginService users = new MappedLoginService() { @Override protected UserIdentity loadUser(String who) { return null; } @Override protected void loadUsers() throws IOException { putUser(username, new Password(password), new String[] { role }); } }; ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(new Constraint()); cm.getConstraint().setAuthenticate(true); cm.getConstraint().setDataConstraint(Constraint.DC_NONE); cm.getConstraint().setRoles(new String[] { role }); cm.setPathSpec("/*"); ConstraintSecurityHandler sec = new ConstraintSecurityHandler(); sec.setStrict(false); sec.setRealmName(realm); sec.setAuthenticator(authType); sec.setLoginService(users); sec.setConstraintMappings(new ConstraintMapping[] { cm }); sec.setHandler(ctx); contexts.removeHandler(ctx); contexts.addHandler(sec); }
/** Create a Jetty {@link SecurityHandler} for basic authentication. * See {@linkplain #addPathConstraint(ConstraintSecurityHandler, String)} * for adding the {@code pathspec} to apply it to. */ public static ConstraintSecurityHandler makeSecurityHandler(String realm, UserStore userStore, String role, AuthScheme authMode) { // role can be "**" for any authenticated user. Objects.requireNonNull(userStore); Objects.requireNonNull(role); if ( authMode == null ) authMode = dftAuthMode; ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); IdentityService identService = new DefaultIdentityService(); securityHandler.setIdentityService(identService); // ---- HashLoginService HashLoginService loginService = new HashLoginService(realm); loginService.setUserStore(userStore); loginService.setIdentityService(identService); securityHandler.setLoginService(loginService); securityHandler.setAuthenticator( authMode == AuthScheme.BASIC ? new BasicAuthenticator() : new DigestAuthenticator() ); if ( realm != null ) securityHandler.setRealmName(realm); return securityHandler; }
Constraint constraint = new Constraint(); constraint.setRoles( new String[] { "allowed" } ); constraint.setAuthenticate( true ); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint( constraint ); cm.setPathSpec( "/*" ); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); securityHandler.setAuthMethod( NxBasicAuthenticator.AUTH_TYPE ); securityHandler.setAuthenticator( new NxBasicAuthenticator() ); securityHandler.setLoginService( loginService ); securityHandler.setConstraintMappings( new ConstraintMapping[] { cm } ); securityHandler.setStrict( false ); securityHandler.setHandler( getTestHandler() ); server.setHandler( securityHandler );
/** * Construct new security handler for basic authentication. */ public SecurityHandler getObject() throws Exception { ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); securityHandler.setAuthenticator(authenticator); securityHandler.setRealmName(realm); for (Entry<String, Constraint> constraint : constraints.entrySet()) { ConstraintMapping constraintMapping = new ConstraintMapping(); constraintMapping.setConstraint(constraint.getValue()); constraintMapping.setPathSpec(constraint.getKey()); securityHandler.addConstraintMapping(constraintMapping); } securityHandler.setLoginService(loginService); return securityHandler; }
servletHandler.setServletMappings(new ServletMapping[]{mapping}); if (processor.getAuthMethod() != null) { ConstraintSecurityHandler secHandler = new ConstraintSecurityHandler(); ConstraintMapping constraintMapping = new ConstraintMapping(); Constraint constraint = new Constraint(); constraint.setAuthenticate(true); constraint.setRoles(new String[]{"*"}); constraintMapping.setConstraint(constraint); constraintMapping.setPathSpec("/"); secHandler.setConstraintMappings(new ConstraintMapping[]{constraintMapping}); secHandler.setHandler(servletHandler); secHandler.setAuthMethod(processor.getAuthMethod()); JaasUserRealm realm = new JaasUserRealm(); if (configuration.getAuthenticationService() != null) { realm.setAuthenticationService(AuthenticationService.Proxy.create(configuration.getAuthenticationService())); secHandler.setLoginService(realm); context.setSecurityHandler(secHandler);
private SecurityHandler getSecurityHandler(String pUser, String pPassword, String pRole) { HashLoginService loginService = getLoginService(pUser, pPassword, pRole); server.addBean(loginService); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); securityHandler.setConstraintMappings(getConstraintMappings(pRole)); securityHandler.setAuthenticator(new BasicAuthenticator()); securityHandler.addBean(loginService); return securityHandler; }
private void auth(ServletContextHandler ctx, Authenticator authType, String... methods) { AbstractLoginService users = new TestMappedLoginService(authRole); List<ConstraintMapping> mappings = new ArrayList<>(); if (methods == null || methods.length == 0) { mappings.add(createConstraintMapping()); } else { for (String method : methods) { ConstraintMapping cm = createConstraintMapping(); cm.setMethod(method.toUpperCase(Locale.ROOT)); mappings.add(cm); } } ConstraintSecurityHandler sec = new ConstraintSecurityHandler(); sec.setRealmName(realm); sec.setAuthenticator(authType); sec.setLoginService(users); sec.setConstraintMappings( mappings.toArray(new ConstraintMapping[0])); sec.setHandler(ctx); contexts.removeHandler(ctx); contexts.addHandler(sec); }
@Override protected HandlerWrapper createHandler() { ConstraintSecurityHandler handler = new ConstraintSecurityHandler(); handler.setLoginService(loginServiceConfig.getLoginService()); handler.setRealmName(realmName); handler.setAuthenticator(authenticatorConfig.getAuthenticator()); for (ConstraintMappingConfig constraintMappingConfig : constraintMappings) { handler.addConstraintMapping(constraintMappingConfig.getConstraintMapping()); } return handler; }
private DigestAuthHandler() throws Exception { digestAuthenticator = new DigestAuthenticator(); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); final HashLoginService hashLoginService = new HashLoginService("realm", "src/test/resources/TestInvokeHttp/realm.properties"); hashLoginService.start(); securityHandler.setLoginService(hashLoginService); securityHandler.setIdentityService(new DefaultIdentityService()); digestAuthenticator.setConfiguration(securityHandler); }
private ServletContextHandler createServletContextHandlerBasic() { ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS | ServletContextHandler.SECURITY); context .addServlet(new ServletHolder(injector().getInstance(LogoutServlet.class)), "/logout"); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); UsersManager usersManager = injector().getInstance(UsersManager.class); usersManager.initUsers(); securityHandler.setLoginService(usersManager.loginService()); FormAuthenticator authenticator = new FormAuthenticator();//"/login", "/login", false); securityHandler.setAuthenticator(authenticator); context.setSecurityHandler(securityHandler); return context; }
/** * Process the constraints following the combining rules in Servlet 3.0 EA * spec section 13.7.1 Note that much of the logic is in the RoleInfo class. * * @param constraintMappings * The constraintMappings to set, from which the set of known roles * is determined. */ public void setConstraintMappings(List<ConstraintMapping> constraintMappings) { setConstraintMappings(constraintMappings,null); }
@Override protected SecurityHandler buildSecurityHandler() { if( constraintServices != null ) { ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); for( ConstraintService eachConstraintService : constraintServices ) { ConstraintMapping csMapping = eachConstraintService.buildConstraintMapping(); if( csMapping != null ) { securityHandler.addConstraintMapping( csMapping ); } } if( !securityHandler.getConstraintMappings().isEmpty() ) { return securityHandler; } } return super.buildSecurityHandler(); }
if (pathMappings != null) ConstraintSecurityHandler.createConstraint(registration.getName(), servletSecurityElement); List<ConstraintMapping> mappings = ConstraintSecurityHandler.createConstraintsWithMappingsForPath(registration.getName(), pathSpec, servletSecurityElement); for (ConstraintMapping m:mappings) ((ConstraintAware)getSecurityHandler()).addConstraintMapping(m); List<ConstraintMapping> constraintMappings = ConstraintSecurityHandler.removeConstraintMappingsForPath(pathSpec, ((ConstraintAware)getSecurityHandler()).getConstraintMappings()); List<ConstraintMapping> freshMappings = ConstraintSecurityHandler.createConstraintsWithMappingsForPath(registration.getName(), pathSpec, servletSecurityElement); constraintMappings.addAll(freshMappings); ((ConstraintSecurityHandler)getSecurityHandler()).setConstraintMappings(constraintMappings); ((ConstraintAware)getSecurityHandler()).checkPathsWithUncoveredHttpMethods(); break;