dear all, I have been using Jetty embedded for years, but never tried to use it stand alone.
I have downloaded jetty-distribution-9.3.0.v20150612 and would like to test authentication so that /public is accessible to all and /private to authenticated users only. I have created: - webapps/public/index.html - webapps/private/index.html - webapps/private.xml - webapps/private.d/override-web.xml - etc/realm.properties XML files are read by Jetty since it complains if there is a syntax error (for instance). But I must miss something, since private/index.html remains accessible. Any clue would be of great value :) Oleg Lodygensky webapps/private.xml contains <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd";> <Configure class="org.eclipse.jetty.webapp.WebAppContext"> <Set name="contextPath">/private</Set> <Set name="resourceBase"><SystemProperty name="jetty.base" default="."/>/webapps/private/</Set> <Set name="overrideDescriptor"><Property name="jetty.webapps" default="."/>/private.d/override-web.xml</Set> <Get name="securityHandler"> <Set name="loginService"> <New class="org.eclipse.jetty.security.HashLoginService"> <Set name="name">Test Realm</Set> <Set name="config"><SystemProperty name="jetty.base" default="."/>/etc/realm.properties</Set> </New> </Set> </Get> </Configure> webapps/private.d/override-web.xml contains <?xml version="1.0" encoding="UTF-8"?> <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"; version="3.1"> <login-config> <auth-method>BASIC</auth-method> <realm-name>Test Realm</realm-name> </login-config> </web-app> etc/realm.properties contains # # This file defines users passwords and roles for a HashUserRealm # # The format is # <username>: <password>[,<rolename> ...] # # Passwords may be clear text, obfuscated or checksummed. The class # org.eclipse.util.Password should be used to generate obfuscated # passwords or password checksums # # If DIGEST Authentication is used, the password must be in a recoverable # format, either plain text or OBF:. # jetty: MD5:blabla,user admin: CRYPT:blabla,server-administrator,content-administrator,admin,user other: OBF:blabla,user plain: plain,user user: password,user # This entry is for digest auth. The credential is a MD5 hash of username:realmname:password digest: MD5:blabla,user _______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
