Hi, I am using Jetty 7.2.2. I already have already an application (servlet + static files) in embedded mode, I wish to introduce authentication to this application. I use org.eclipse.jetty.osgi.boot for embedding the jetty server.
I went through the test application that is available with jetty 7.2.2 (non embedded one). I wish to enable security constraints (and then JAAS implementation).
For this, test example advises to put something like below in its web.xml. As of now I do not have any web.xml, How do these settings in embeded mode?
<security-constraint> <web-resource-collection> <web-resource-name>Any User</web-resource-name> <url-pattern>/myapp/*</url-pattern> <url-pattern>/myapp/dispatcher/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>*</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>Test_JAAS_Realm</realm-name> <form-login-config>
<form-login-page>/logon.html?param=test1</form-login-page> <form-error-page>/logonError.html?param=test1</form-error-page> </form-login-config> </login-config> <session-config> <session-timeout>5</session-timeout> </session-config> I do have context.xml (as per the documenation), I created it. and put following content in it. ( I wish to follow instructions given in the tutorial for non embedded mode).
<Set name="securityHandler"> <New class="org.eclipse.jetty.security.ConstraintSecurityHandler"> <Set name="loginService"> <New class="org.eclipse.jetty.plus.jaas.JAASLoginService"> <Set name="name">Test_JAAS_Realm</Set> <Set name="loginModuleName">xyz</Set> </New> </Set> <Set name="strict">false</Set> </New> </Set>
I am not getting any success . Looking for help. Regards Vinod
|