Re: [jetty-users] JAAS questions

Tue, 29 Sep 2015 23:45:07 -0700 

Thanks Jan,
Seeing that the HashLoginService is sufficient, and that it is associated with a realm, I found 

  https://wiki.eclipse.org/Jetty/Tutorial/Realms

and per that I added an /etc/jetty.xml file:

<Configure id="Server" class="org.eclipse.jetty.server.Server">

    <Call name="addBean">
      <Arg>
        <New class="org.eclipse.jetty.security.HashLoginService">
          <Set name="name">Test Realm</Set>

          <Set name="config"><SystemProperty name="jetty.home" 
default="."/>/etc/realm.properties</Set>

          <Set name="refreshInterval">0</Set>
        </New>
      </Arg>
    </Call>

</Configure>


However when I start jetty with this file and a simple 
etc/realm.properties file, I get this on loading the standard 
jetty-http.xml:



2015-09-29 23:28:12.676:WARN:oejx.XmlConfiguration:main: Config error at 
<Call name="addConnector"><Arg>|      <New id="httpConnector" 
class="org.eclipse.jetty.server.ServerConnector"><Arg name="server"><Ref 
refid="Server"/></Arg><Arg name="acceptors" type="int"><Property 
name="jetty.http.acceptors" deprecated="http.acceptors" 
default="-1"/></Arg><Arg name="selectors" type="int"><Property 
name="jetty.http.selectors" deprecated="http.selectors" 
default="-1"/></Arg><Arg name="factories">|          <Array 
type="org.eclipse.jetty.server.ConnectionFactory"><Item>| <New 
class="org.eclipse.jetty.server.HttpConnectionFactory"><Arg 
name="config"><Ref refid="httpConfig"/></Arg></New>| 
</Item></Array>|        </Arg><Set name="host"><Property 
name="jetty.http.host" deprecated="jetty.host"/></Set><Set 
name="port"><Property name="jetty.http.port" deprecated="jetty.port" 
default="8080"/></Set><Set name="idleTimeout"><Property 
name="jetty.http.idleTimeout" deprecated="http.timeout" 
default="30000"/></Set><Set name="soLingerTime"><Property 
name="jetty.http.soLingerTime" deprecated="http.soLingerTime" 
default="-1"/></Set><Set name="acceptorPriorityDelta"><Property 
name="jetty.http.acceptorPriorityDelta" 
deprecated="http.acceptorPriorityDelta" default="0"/></Set><Set 
name="acceptQueueSize"><Property name="jetty.http.acceptQueueSize" 
deprecated="http.acceptQueueSize" default="0"/></Set></New>| 
</Arg></Call> java.lang.reflect.InvocationTargetException in 
file:/Users/priot/jetty/org.eclipse.jetty.project/jetty-distribution/target/distribution/etc/jetty-http.xml

java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:497)
        at org.eclipse.jetty.start.Main.invokeMain(Main.java:214)
        at org.eclipse.jetty.start.Main.start(Main.java:457)
        at org.eclipse.jetty.start.Main.main(Main.java:75)
Caused by: java.lang.reflect.InvocationTargetException

        at 
sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at 
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
        at 
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)

        at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
        at org.eclipse.jetty.util.TypeUtil.construct(TypeUtil.java:627)

        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:782)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.itemValue(XmlConfiguration.java:1233)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.value(XmlConfiguration.java:1138)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newArray(XmlConfiguration.java:860)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.itemValue(XmlConfiguration.java:1237)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.value(XmlConfiguration.java:1138)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:766)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.itemValue(XmlConfiguration.java:1233)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.value(XmlConfiguration.java:1138)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.access$500(XmlConfiguration.java:274)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration$AttrOrElementNode.getList(XmlConfiguration.java:1366)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration$AttrOrElementNode.getList(XmlConfiguration.java:1341)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.call(XmlConfiguration.java:704)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:417)
        at 
org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:358)
        at 
org.eclipse.jetty.xml.XmlConfiguration.configure(XmlConfiguration.java:259)
        at 
org.eclipse.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1498)

        at java.security.AccessController.doPrivileged(Native Method)

        at 
org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1435)

        ... 7 more
Caused by: java.lang.IllegalArgumentException: Null HttpConfiguration

        at 
org.eclipse.jetty.server.HttpConnectionFactory.<init>(HttpConnectionFactory.java:45)

        ... 31 more



Speaking of problems, I just did a git pull in case the problem was an 
earlier pull, and got this on building:


[ERROR] symbol:   class NamingContext  <== seems to be gone
[ERROR] location: class org.eclipse.jetty.jndi.local.localContextRoot

Thanks,
Bill


On 9/29/2015 6:44 PM, Jan Bartel wrote:

Hi Bill,


I think you'll get a bit more clarity if you look in demo-base/webapps 
at the test-jaas.xml and test-jaas.war file. This is the example 
webapp for configuring and using jaas.





    My question is, why have two password files? Are both required?


There are different password files for different purposes:


etc/test-realm.xml configures a HashLoginService that is set as the 
default login service on the Server object and references 
etc/realm.properties with the passwords and roles
etc/realm.properties is also referenced by the webapp-specific 
HashLoginService configured for the test webapp in webapps/test.xml
etc/login.conf is a jaas configuration file. The webapps/test-jaas.xml 
context file sets up a JAASLoginService for the webapps/test-jaas.war 
webapp, which will use the etc/login.conf file to point to the 
passwords and roles defined in etc/login.properties.




So, HashLoginService is an alternative to JAASLoginService and they 
both have different config files and formats. The demo-base has both 
to cater to the multiple different webapps deployed in it.



regards
Jan



    Also, etc/test-realm.xml creates a HashLoginService, is that
    complementary to JAASLoginService? I don't see that in
    demo-base/etc/ at least. I expected to see a Configure Server
    somewhere at the top level of the demo bringing in
    JAASLoginService based on

    http://www.eclipse.org/jetty/documentation/current/jaas-support.html

    Third question is, why is there no demo-base/web.xml? It seems I
    need one because I want to password protect both war/servlets and
    ROOT:

    --webapp/my.war  [2 servlets with a web.xml]
    --webapp/ROOT

    It seems I need to define a realm that encompasses them? Would a
    ${jetty.base}/web.xml like this be sufficient (per the
    jaas-support page)?

    <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>mywholesite</realm-name>
      <form-login-config>
    <form-login-page>/login/login</form-login-page>   <== example?
    <form-error-page>/login/error</form-error-page>   <== example?
    (e.g. if a param is passed)
      </form-login-config>
    </login-config>

    And it would automatically cover the war and ROOT, or would that
    need to be spelled out?
    The web.xml info I see on Google looks generally like servlet
    config, which I have down in my war's web.xml.

    Thanks,
    Bill

    _______________________________________________
    jetty-users mailing list
    [email protected] <mailto:[email protected]>
    To change your delivery options, retrieve your password, or
    unsubscribe from this list, visit
    https://dev.eclipse.org/mailman/listinfo/jetty-users




--
Jan Bartel <[email protected] <mailto:[email protected]>>
www.webtide.com <http://www.webtide.com>
/Expert assistance from the creators of Jetty and CometD/



_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users



_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users





















					Reply via email to