/** * Generate constraints for the Flume HTTP Source * @return ConstraintSecurityHandler for use with Jetty servlet */ public static ConstraintSecurityHandler enforceConstraints() { Constraint c = new Constraint(); c.setAuthenticate(true); ConstraintMapping cmt = new ConstraintMapping(); cmt.setConstraint(c); cmt.setMethod("TRACE"); cmt.setPathSpec("/*"); ConstraintMapping cmo = new ConstraintMapping(); cmo.setConstraint(c); cmo.setMethod("OPTIONS"); cmo.setPathSpec("/*"); ConstraintSecurityHandler sh = new ConstraintSecurityHandler(); sh.setConstraintMappings(new ConstraintMapping[]{cmt, cmo}); return sh; } }
constraint.setRoles(new String[] { "user", "admin" }); ConstraintMapping mapping = new ConstraintMapping(); mapping.setPathSpec( "/*" ); mapping.setConstraint( constraint ); securityHandler.setConstraintMappings(Collections.singletonList(mapping));
mapping.setPathSpec( "/*" ); mapping.setConstraint(constraint);
/** * Add constraints to a Jetty Context to disallow undesirable Http methods. * @param ctxHandler The context to modify * @param allowOptionsMethod if true then OPTIONS method will not be set in constraint mapping */ public static void constrainHttpMethods(ServletContextHandler ctxHandler, boolean allowOptionsMethod) { Constraint c = new Constraint(); c.setAuthenticate(true); ConstraintMapping cmt = new ConstraintMapping(); cmt.setConstraint(c); cmt.setMethod("TRACE"); cmt.setPathSpec("/*"); ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); if (!allowOptionsMethod) { ConstraintMapping cmo = new ConstraintMapping(); cmo.setConstraint(c); cmo.setMethod("OPTIONS"); cmo.setPathSpec("/*"); securityHandler.setConstraintMappings(new ConstraintMapping[] { cmt, cmo }); } else { securityHandler.setConstraintMappings(new ConstraintMapping[] { cmt }); } ctxHandler.setSecurityHandler(securityHandler); }
ConstraintMapping mapping = new ConstraintMapping(); mapping.setMethod(method); mapping.setPathSpec(url); mapping.setConstraint(sc); ((ConstraintAware)context.getSecurityHandler()).addConstraintMapping(mapping); ConstraintMapping mapping = new ConstraintMapping(); mapping.setMethodOmissions(new String[]{method}); mapping.setPathSpec(url); mapping.setConstraint(sc); ((ConstraintAware)context.getSecurityHandler()).addConstraintMapping(mapping); mapping.setPathSpec(url); mapping.setConstraint(sc); ((ConstraintAware)context.getSecurityHandler()).addConstraintMapping(mapping);
constraintMapping.setPathSpec( "/*" );
private static void addAuthHandler(Server server, String auth, LoginAuthenticator authenticator, Handler handler) { server.addBean(LOGIN_SERVICE); Constraint constraint = new Constraint(); constraint.setName(auth); constraint.setRoles(new String[]{USER, ADMIN}); constraint.setAuthenticate(true); ConstraintMapping mapping = new ConstraintMapping(); mapping.setConstraint(constraint); mapping.setPathSpec("/*"); Set<String> knownRoles = new HashSet<>(); knownRoles.add(USER); knownRoles.add(ADMIN); List<ConstraintMapping> cm = new ArrayList<>(); cm.add(mapping); ConstraintSecurityHandler security = new ConstraintSecurityHandler(); security.setConstraintMappings(cm, knownRoles); security.setAuthenticator(authenticator); security.setLoginService(LOGIN_SERVICE); security.setHandler(handler); server.setHandler(security); }
constraintMapping.setPathSpec(context.getProperty(AUTH_PATH_SPEC).evaluateAttributeExpressions().getValue()); constraintMapping.setConstraint(constraint);
healthcheckConstraintMapping.setPathSpec("/api/v1/health/check"); cm.setPathSpec("/*");
mapping.setPathSpec( "/*" ); mapping.setConstraint(constraint);
private ConstraintMapping[] getConstraintMappings(String ... pRoles) { Constraint constraint = new Constraint(); constraint.setName(Constraint.__BASIC_AUTH); constraint.setRoles(pRoles); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); return new ConstraintMapping[] { cm }; }
httpConstraintMapping.setPathSpec(pathSpec); httpConstraintMapping.setConstraint(httpConstraint); mappings.add(httpConstraintMapping); ConstraintMapping mapping = new ConstraintMapping(); mapping.setConstraint(methodConstraint); mapping.setPathSpec(pathSpec); if (methodConstraintElement.getMethodName() != null)
constraintMapping.setPathSpec("/*");
@Override public void customize(Server server) { LOG.debug("Customizing server to allow requests for {}", USER_AUTHORIZED); HashLoginService login = new HashLoginService(); login.putUser(USER_AUTHORIZED, Credential.getCredential(USER_PW), new String[] {"users"}); login.setName("users"); Constraint constraint = new Constraint(); constraint.setName(Constraint.__BASIC_AUTH); constraint.setRoles(new String[]{"users"}); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); ConstraintSecurityHandler security = new ConstraintSecurityHandler(); security.setAuthenticator(new BasicAuthenticator()); security.setRealmName("users"); security.addConstraintMapping(cm); security.setLoginService(login); // chain the PQS handler to security security.setHandler(server.getHandlers()[0]); server.setHandler(security); } }
private ConstraintMapping[] getConstraintMappings(String ... pRoles) { Constraint constraint = new Constraint(); constraint.setName(Constraint.__BASIC_AUTH); constraint.setRoles(pRoles); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); return new ConstraintMapping[] { cm }; }
protected void configureTraceMethod(ConstraintSecurityHandler securityHandler, boolean enableTrace) { Constraint constraint = new Constraint(); constraint.setName("trace-security"); //If enableTrace is true, then we want to set authenticate to false to allow it constraint.setAuthenticate(!enableTrace); ConstraintMapping mapping = new ConstraintMapping(); mapping.setConstraint(constraint); mapping.setMethod("TRACE"); mapping.setPathSpec("/"); securityHandler.addConstraintMapping(mapping); }
protected void configureTraceMethod(ConstraintSecurityHandler securityHandler, boolean enableTrace) { Constraint constraint = new Constraint(); constraint.setName("trace-security"); //If enableTrace is true, then we want to set authenticate to false to allow it constraint.setAuthenticate(!enableTrace); ConstraintMapping mapping = new ConstraintMapping(); mapping.setConstraint(constraint); mapping.setMethod("TRACE"); mapping.setPathSpec("/"); securityHandler.addConstraintMapping(mapping); }
protected void configureTraceMethod(ConstraintSecurityHandler securityHandler, boolean enableTrace) { Constraint constraint = new Constraint(); constraint.setName("trace-security"); //If enableTrace is true, then we want to set authenticate to false to allow it constraint.setAuthenticate(!enableTrace); ConstraintMapping mapping = new ConstraintMapping(); mapping.setConstraint(constraint); mapping.setMethod("TRACE"); mapping.setPathSpec("/"); securityHandler.addConstraintMapping(mapping); }
private ConstraintMapping createConstraintMapping() { ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(new Constraint()); cm.getConstraint().setAuthenticate(true); cm.getConstraint().setDataConstraint(Constraint.DC_NONE); cm.getConstraint().setRoles(new String[] { authRole }); cm.setPathSpec("/*"); return cm; }
public static ConstraintSecurityHandler createSecurityHandler() { Constraint constraint = new Constraint("BASIC", "customer"); constraint.setAuthenticate(true); ConstraintMapping mapping = new ConstraintMapping(); mapping.setConstraint(constraint); mapping.setPathSpec("/*"); ConstraintSecurityHandler handler = new ConstraintSecurityHandler(); handler.addConstraintMapping(mapping); handler.setAuthenticator(new BasicAuthenticator()); handler.setLoginService(new HashLoginService("RiderAutoParts", "etc/rest-users.properties")); return handler; }