org.eclipse.jetty.security.LoginService loginService = new org.eclipse.jetty.security.HashLoginService("LoklakRealm", DAO.conf_dir.getAbsolutePath() + "/http_auth"); if(auth) LoklakServer.server.addBean(loginService);
@SuppressWarnings("ConstantConditions") String webDir = EventHubHandler.class.getClassLoader().getResource("frontend").toExternalForm(); HashLoginService loginService = new HashLoginService(); loginService.putUser(properties.getProperty("eventhubhandler.username"), new Password(properties.getProperty("eventhubhandler.password")), new String[]{"user"});
HashLoginService l = new HashLoginService(); l.setUserStore(userStore); l.setName(realm);
private DigestAuthHandler() throws Exception { digestAuthenticator = new DigestAuthenticator(); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); final HashLoginService hashLoginService = new HashLoginService("realm", "src/test/resources/TestInvokeHttp/realm.properties"); hashLoginService.start(); securityHandler.setLoginService(hashLoginService); securityHandler.setIdentityService(new DefaultIdentityService()); digestAuthenticator.setConfiguration(securityHandler); }
@Override public void customize(Server server) { LOG.debug("Customizing server to allow requests for {}", USER_AUTHORIZED); HashLoginService login = new HashLoginService(); login.putUser(USER_AUTHORIZED, Credential.getCredential(USER_PW), new String[] {"users"}); login.setName("users"); Constraint constraint = new Constraint(); constraint.setName(Constraint.__BASIC_AUTH); constraint.setRoles(new String[]{"users"}); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); ConstraintSecurityHandler security = new ConstraintSecurityHandler(); security.setAuthenticator(new BasicAuthenticator()); security.setRealmName("users"); security.addConstraintMapping(cm); security.setLoginService(login); // chain the PQS handler to security security.setHandler(server.getHandlers()[0]); server.setHandler(security); } }
/** Create a Jetty {@link SecurityHandler} for basic authentication. * See {@linkplain #addPathConstraint(ConstraintSecurityHandler, String)} * for adding the {@code pathspec} to apply it to. */ public static ConstraintSecurityHandler makeSecurityHandler(String realm, UserStore userStore, String role, AuthScheme authMode) { // role can be "**" for any authenticated user. Objects.requireNonNull(userStore); Objects.requireNonNull(role); if ( authMode == null ) authMode = dftAuthMode; ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); IdentityService identService = new DefaultIdentityService(); securityHandler.setIdentityService(identService); // ---- HashLoginService HashLoginService loginService = new HashLoginService(realm); loginService.setUserStore(userStore); loginService.setIdentityService(identService); securityHandler.setLoginService(loginService); securityHandler.setAuthenticator( authMode == AuthScheme.BASIC ? new BasicAuthenticator() : new DigestAuthenticator() ); if ( realm != null ) securityHandler.setRealmName(realm); return securityHandler; }
securityHandler.addConstraintMapping(constraintMapping); UserStore userStore = new UserStore(); HashLoginService loginService = new HashLoginService(); loginService.setUserStore(userStore); userStore.addUser("oshai", new Password("oshai"), new String[]{"user"}); securityHandler.setLoginService(loginService);
protected WebAppContext createContext() { final WebAppContext ctx = new WebAppContext(); ctx.setContextPath("/"); ctx.setWar(appBase); if(!Strings.isNullOrEmpty(webInfLocation)) { ctx.setDescriptor(webInfLocation); } // configure security to avoid err println "Null identity service, trying login service:" // but I've found no way to get rid of LoginService=xxx log on system err :( HashLoginService loginService = new HashLoginService(); loginService.setIdentityService(new DefaultIdentityService()); ctx.getSecurityHandler().setLoginService(loginService); ctx.getSecurityHandler().setIdentityService(loginService.getIdentityService()); ctx.addLifeCycleListener(new AbstractLifeCycle.AbstractLifeCycleListener() { @Override public void lifeCycleStarting(LifeCycle event) { ctx.getServletContext().setInitParameter("restx.baseServerUri", baseUrl()); ctx.getServletContext().setInitParameter("restx.serverId", getServerId()); } }); return ctx; }
public void configureWebApplication() throws Exception { // Jetty tries to do this in WebAppContext.resolveWebApp but it failed to delete the directory. File t = webApp.getTempDirectory(); if (t==null) t = new File(getProject().getBuild().getDirectory(),"tmp"); File extractedWebAppDir= new File(t, "webapp"); if (isExtractedWebAppDirStale(extractedWebAppDir, webAppFile)) { FileUtils.deleteDirectory(extractedWebAppDir); } super.configureWebApplication(); getWebAppConfig().setWar(webAppFile.getCanonicalPath()); for (Artifact a : (Set<Artifact>) project.getArtifacts()) { if (a.getGroupId().equals("org.jenkins-ci.main") && a.getArtifactId().equals("jenkins-core")) { File coreBasedir = pluginWorkspaceMap.read(a.getId()); if (coreBasedir != null) { String extraCP = new File(coreBasedir, "src/main/resources").toURI() + "," + new File(coreBasedir, "target/classes").toURI(); getLog().info("Will load directly from " + extraCP); getWebAppConfig().setExtraClasspath(extraCP); } } } // cf. https://wiki.jenkins-ci.org/display/JENKINS/Jetty HashLoginService hashLoginService = (new HashLoginService("Jenkins Realm")); hashLoginService.setConfig(System.getProperty("jetty.home", "work") + "/etc/realm.properties"); getWebAppConfig().getSecurityHandler().setLoginService(hashLoginService); }
private static void security(ServletContextHandler context, String authfile) { Constraint constraint = new Constraint() ; constraint.setName(Constraint.__BASIC_AUTH) ; constraint.setRoles(new String[]{"fuseki"}) ; constraint.setAuthenticate(true) ; ConstraintMapping mapping = new ConstraintMapping() ; mapping.setConstraint(constraint) ; mapping.setPathSpec("/*") ; IdentityService identService = new DefaultIdentityService() ; ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler() ; securityHandler.addConstraintMapping(mapping) ; securityHandler.setIdentityService(identService) ; HashLoginService loginService = new HashLoginService("Fuseki Authentication", authfile) ; loginService.setIdentityService(identService) ; securityHandler.setLoginService(loginService) ; securityHandler.setAuthenticator(new BasicAuthenticator()) ; context.setSecurityHandler(securityHandler) ; serverLog.debug("Basic Auth Configuration = " + authfile) ; }
@Override public synchronized UserIdentity putUser( String userName, Credential credential, String[] roles ) { List<String> newRoles = new ArrayList<String>(); newRoles.add( "default" ); Collections.addAll( newRoles, roles ); return super.putUser( userName, credential, newRoles.toArray( new String[newRoles.size()] ) ); } };
@Override protected LoginService getHandlerLoginService() { String realmFile = handlerProps.get(Constants.Security.BASIC_REALM_FILE); Path realmFilePath = Paths.get(realmFile); Preconditions.checkArgument(Files.exists(realmFilePath), "File does not exist: %s", realmFilePath); Preconditions.checkArgument(Files.isReadable(realmFilePath), "File is not readable: %s", realmFilePath); HashLoginService loginService = new HashLoginService(); loginService.setConfig(realmFile); loginService.setIdentityService(getHandlerIdentityService()); return loginService; }
public HashLoginService(String name) { setName(name); }
@Override public HashLoginService get() { String authConfig = config.getUserAuthFile(); try { if (!isNullOrEmpty(authConfig)) { HashLoginService service = new HashLoginService(HttpServerModule.REALM_NAME, authConfig); service.loadUsers(); return service; } return null; } catch (IOException e) { log.error(e, "Error when loading user auth info from %s", authConfig); } return null; } }
@Override public void addRealm(Realm realm) { HashLoginService loginService = new HashLoginService(); loginService.setName(realm.getName()); Collection<UserRole> users = realm.getUsers().values(); for (UserRole user : users) { String[] roles = user.getRoles().toArray(new String[0]); Password password = new Password(user.getPassword()); loginService.putUser(user.getUser(), password, roles); } server.addBean(loginService); }
/** Create a Jetty {@link SecurityHandler} for basic authentication. * See {@linkplain #addPathConstraint(ConstraintSecurityHandler, String)} * for adding the {@code pathspec} to apply it to. */ public static ConstraintSecurityHandler makeSecurityHandler(String realm, UserStore userStore, String role, AuthScheme authMode) { // role can be "**" for any authenticated user. Objects.requireNonNull(userStore); Objects.requireNonNull(role); if ( authMode == null ) authMode = dftAuthMode; ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); IdentityService identService = new DefaultIdentityService(); securityHandler.setIdentityService(identService); // ---- HashLoginService HashLoginService loginService = new HashLoginService(realm); loginService.setUserStore(userStore); loginService.setIdentityService(identService); securityHandler.setLoginService(loginService); securityHandler.setAuthenticator( authMode == AuthScheme.BASIC ? new BasicAuthenticator() : new DigestAuthenticator() ); if ( realm != null ) securityHandler.setRealmName(realm); return securityHandler; }
private void configureServer(Server server, WebAuthConfig authConfig, Handler servletHandler) throws BaleenException { Handler serverHandler; if (authConfig == null || authConfig.getType() == AuthType.NONE) { LOGGER.warn("No security applied to API"); // No security serverHandler = servletHandler; } else if (authConfig.getType() == AuthType.BASIC) { // Basic authentication LOGGER.info("Using Basic HTTP authentication for API"); HashLoginService loginService = new HashLoginService(authConfig.getName()); UserStore userStore = new UserStore(); for (WebUser user : authConfig.getUsers()) { Credential credential = Credential.getCredential(user.getPassword()); userStore.addUser(user.getUsername(), credential, user.getRolesAsArray()); } loginService.setUserStore(userStore); server.addBean(loginService); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); securityHandler.setHandler(servletHandler); securityHandler.setConstraintMappings(constraintMappings); securityHandler.setAuthenticator(new BasicAuthenticator()); securityHandler.setLoginService(loginService); serverHandler = securityHandler; } else { throw new InvalidParameterException("Configuration of authentication failed"); } server.setHandler(serverHandler); }
protected WebAppContext createContext() { final WebAppContext ctx = new WebAppContext(); ctx.setContextPath("/"); ctx.setWar(appBase); if(!Strings.isNullOrEmpty(webInfLocation)) { ctx.setDescriptor(webInfLocation); } // configure security to avoid err println "Null identity service, trying login service:" // but I've found no way to get rid of LoginService=xxx log on system err :( HashLoginService loginService = new HashLoginService(); loginService.setIdentityService(new DefaultIdentityService()); ctx.getSecurityHandler().setLoginService(loginService); ctx.getSecurityHandler().setIdentityService(loginService.getIdentityService()); ctx.addLifeCycleListener(new AbstractLifeCycle.AbstractLifeCycleListener() { @Override public void lifeCycleStarting(LifeCycle event) { ctx.getServletContext().setInitParameter("restx.baseServerUri", baseUrl()); ctx.getServletContext().setInitParameter("restx.serverId", getServerId()); } }); return ctx; }
HashLoginService loginService = new HashLoginService("TestRealm"); loginService.setConfig("src/test/resources/testrealm.txt");