HashUserRealm userRealm = new HashUserRealm(realm); userRealm.put(consoleUser, Credential.getCredential(consolePassword)); userRealm.addUserToRole(consoleUser,"console"); userRealm.put(curatorUser, Credential.getCredential(curatorPassword)); userRealm.addUserToRole(curatorUser, "curator"); Constraint console = new Constraint(); console.setName("consoleauth"); console.setRoles(new String[]{"console"}); console.setAuthenticate(true); Constraint curator = new Constraint(); curator.setName("curatorauth"); curator.setRoles(new String[]{"curator", "console"}); curator.setAuthenticate(true); ConstraintMapping consoleMapping = new ConstraintMapping(); consoleMapping.setConstraint(console); consoleMapping.setPathSpec("/*"); ConstraintMapping curatorMapping = new ConstraintMapping(); curatorMapping.setConstraint(curator); curatorMapping.setPathSpec("/exhibitor/v1/cluster/list"); SecurityHandler handler = new SecurityHandler(); handler.setUserRealm(userRealm); handler.setConstraintMappings(new ConstraintMapping[]{consoleMapping,curatorMapping}); handler.setAuthenticator(new BasicAuthenticator());
@Override public Object put(Object name, Object credentials) { users.put(String.valueOf(name), String.valueOf(credentials)); return super.put(name, credentials); } };
private SslSocketConnector getSslSocketConnector(final int sslPortNumber) { final SslSocketConnector secureConnector = new SslSocketConnector(); secureConnector.setPort(sslPortNumber); secureConnector.setKeystore(this.props.getString("jetty.keystore")); secureConnector.setPassword(this.props.getString("jetty.password")); secureConnector.setKeyPassword(this.props.getString("jetty.keypassword")); secureConnector.setTruststore(this.props.getString("jetty.truststore")); secureConnector.setTrustPassword(this.props.getString("jetty.trustpassword")); secureConnector.setHeaderBufferSize(MAX_HEADER_BUFFER_SIZE); // set up vulnerable cipher suites to exclude final List<String> cipherSuitesToExclude = this.props .getStringList("jetty.excludeCipherSuites"); logger.info("Excluded Cipher Suites: " + String.valueOf(cipherSuitesToExclude)); if (cipherSuitesToExclude != null && !cipherSuitesToExclude.isEmpty()) { secureConnector.setExcludeCipherSuites(cipherSuitesToExclude.toArray(new String[0])); } return secureConnector; } }
private ConstraintMapping[] getConstraintMappings(String ... pRoles) { Constraint constraint = new Constraint(); constraint.setName(Constraint.__BASIC_AUTH); constraint.setRoles(pRoles); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); return new ConstraintMapping[] { cm }; }
private UserRealm getUserRealm(String pUser, String pPassword, String pRole) { HashUserRealm realm = new HashUserRealm("jolokia Realm"); realm.put(pUser,pPassword); realm.addUserToRole(pUser,pRole); return realm; }
private SecurityHandler getSecurityHandler(String pUser, String pPassword, String pRole) { SecurityHandler securityHandler = new SecurityHandler(); securityHandler.setConstraintMappings(getConstraintMappings(pRole)); securityHandler.setUserRealm(getUserRealm(pUser, pPassword, pRole)); return securityHandler; }
final Binding binding = ((BindingProvider) servicePort).getBinding(); List<Handler> handlerList = binding.getHandlerChain(); if (handlerList == null) handlerList = new ArrayList<Handler>(); handlerList.add(new SecurityHandler()); binding.setHandlerChain(handlerList); // <- important!
securityHandler.setUserRealm(realm);
public void setName(String name) { super.setName(name); } public String getConfig()
public Principal pushRole(Principal user, String role) { if (user==null) user=new User(); return new WrappedUser(user,role); }
/** Get a Principal matching the user. * If there is no user realm, and therefore we are using a * htpassword file instead, then just return a dummy Principal. * @param user * @param realm * @return */ public Principal getPrincipal (String user, UserRealm realm) { if (realm==null) return new DummyPrincipal(user); return realm.getPrincipal(user); } /* ------------------------------------------------------------ */
public static String crypt(String user,String pw) { return "CRYPT:"+UnixCrypt.crypt(pw,user); } }
public void setSingleSignOn(Request request,Response response,Principal principal,Credential credential) { if (_ssoRealm!=null) _ssoRealm.setSingleSignOn(request,response,principal,credential); }
public String toString() { return getName(); } }
public String toString() { return getName(); } }
public String getConfig() { return super.getConfig(); } /* ------------------------------------------------------------ */
public String toString() { return getName(); } };
private ConstraintMapping[] getConstraintMappings(String ... pRoles) { Constraint constraint = new Constraint(); constraint.setName(Constraint.__BASIC_AUTH); constraint.setRoles(pRoles); constraint.setAuthenticate(true); ConstraintMapping cm = new ConstraintMapping(); cm.setConstraint(constraint); cm.setPathSpec("/*"); return new ConstraintMapping[] { cm }; }
public Principal pushRole(Principal user, String role) { if (user==null) user=new User(); return new WrappedUser(user,role); }
public static String crypt(String user,String pw) { return "CRYPT:"+UnixCrypt.crypt(pw,user); } }