Bill, Don't look at that wiki unless you are using an old version of jetty. The recent documentation is here: https://www.eclipse.org/jetty/documentation/current/.
In particular, here's a link to configuring realms: https://www.eclipse.org/jetty/documentation/current/configuring-security-authentication.html It looks like you've deleted all the content out of the etc/jetty.xml file that should be there and just put in a realm configuration. Leave the ${jetty.base}/etc/jetty.xml file as it is originally, don't edit it. The idea would be to create a new ${jetty.base} directory and then add files to it to configure things the way you want - jetty config files are generally additive. Say your new base is called "my-base", then edit my-base/my-realm.xml - you could copy in the contents of demo-base/etc/test-realm.xml for a start and change it as appropriate. Edit your my-base/start.ini file and put in a line with just etc/my-realm.xml on it (similarly to demo-base/start.ini has a line with etc/test-realm.xml on it). This will add your etc/my-realm.xml file to your command line when you run jetty. Jan On 30 September 2015 at 16:44, Bill Ross <[email protected]> wrote: > Thanks Jan, > > Seeing that the HashLoginService is sufficient, and that it is associated > with a realm, I found > > https://wiki.eclipse.org/Jetty/Tutorial/Realms > > and per that I added an /etc/jetty.xml file: > > <Configure id="Server" class="org.eclipse.jetty.server.Server"> > > <Call name="addBean"> > <Arg> > <New class="org.eclipse.jetty.security.HashLoginService"> > <Set name="name">Test Realm</Set> > <Set name="config"><SystemProperty name="jetty.home" > default="."/>/etc/realm.properties</Set> > <Set name="refreshInterval">0</Set> > </New> > </Arg> > </Call> > > </Configure> > > However when I start jetty with this file and a simple > etc/realm.properties file, I get this on loading the standard > jetty-http.xml: > > 2015-09-29 23:28:12.676:WARN:oejx.XmlConfiguration:main: Config error at > <Call name="addConnector"><Arg>| <New id="httpConnector" > class="org.eclipse.jetty.server.ServerConnector"><Arg name="server"><Ref > refid="Server"/></Arg><Arg name="acceptors" type="int"><Property > name="jetty.http.acceptors" deprecated="http.acceptors" > default="-1"/></Arg><Arg name="selectors" type="int"><Property > name="jetty.http.selectors" deprecated="http.selectors" > default="-1"/></Arg><Arg name="factories">| <Array > type="org.eclipse.jetty.server.ConnectionFactory"><Item>| <New > class="org.eclipse.jetty.server.HttpConnectionFactory"><Arg > name="config"><Ref refid="httpConfig"/></Arg></New>| > </Item></Array>| </Arg><Set name="host"><Property > name="jetty.http.host" deprecated="jetty.host"/></Set><Set > name="port"><Property name="jetty.http.port" deprecated="jetty.port" > default="8080"/></Set><Set name="idleTimeout"><Property > name="jetty.http.idleTimeout" deprecated="http.timeout" > default="30000"/></Set><Set name="soLingerTime"><Property > name="jetty.http.soLingerTime" deprecated="http.soLingerTime" > default="-1"/></Set><Set name="acceptorPriorityDelta"><Property > name="jetty.http.acceptorPriorityDelta" > deprecated="http.acceptorPriorityDelta" default="0"/></Set><Set > name="acceptQueueSize"><Property name="jetty.http.acceptQueueSize" > deprecated="http.acceptQueueSize" default="0"/></Set></New>| > </Arg></Call> java.lang.reflect.InvocationTargetException in > file:/Users/priot/jetty/org.eclipse.jetty.project/jetty-distribution/target/distribution/etc/jetty-http.xml > java.lang.reflect.InvocationTargetException > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:497) > at org.eclipse.jetty.start.Main.invokeMain(Main.java:214) > at org.eclipse.jetty.start.Main.start(Main.java:457) > at org.eclipse.jetty.start.Main.main(Main.java:75) > Caused by: java.lang.reflect.InvocationTargetException > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native > Method) > at > sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) > at > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) > at java.lang.reflect.Constructor.newInstance(Constructor.java:422) > at org.eclipse.jetty.util.TypeUtil.construct(TypeUtil.java:627) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:782) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.itemValue(XmlConfiguration.java:1233) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.value(XmlConfiguration.java:1138) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newArray(XmlConfiguration.java:860) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.itemValue(XmlConfiguration.java:1237) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.value(XmlConfiguration.java:1138) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:766) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.itemValue(XmlConfiguration.java:1233) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.value(XmlConfiguration.java:1138) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.access$500(XmlConfiguration.java:274) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration$AttrOrElementNode.getList(XmlConfiguration.java:1366) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration$AttrOrElementNode.getList(XmlConfiguration.java:1341) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.call(XmlConfiguration.java:704) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:417) > at > org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:358) > at > org.eclipse.jetty.xml.XmlConfiguration.configure(XmlConfiguration.java:259) > at > org.eclipse.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1498) > at java.security.AccessController.doPrivileged(Native Method) > at > org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1435) > ... 7 more > Caused by: java.lang.IllegalArgumentException: Null HttpConfiguration > at > org.eclipse.jetty.server.HttpConnectionFactory.<init>(HttpConnectionFactory.java:45) > ... 31 more > > > Speaking of problems, I just did a git pull in case the problem was an > earlier pull, and got this on building: > > [ERROR] symbol: class NamingContext <== seems to be gone > [ERROR] location: class org.eclipse.jetty.jndi.local.localContextRoot > > Thanks, > Bill > > > > On 9/29/2015 6:44 PM, Jan Bartel wrote: > > Hi Bill, > > I think you'll get a bit more clarity if you look in demo-base/webapps at > the test-jaas.xml and test-jaas.war file. This is the example webapp for > configuring and using jaas. > > > > >> My question is, why have two password files? Are both required? >> > > There are different password files for different purposes: > > etc/test-realm.xml configures a HashLoginService that is set as the > default login service on the Server object and references > etc/realm.properties with the passwords and roles > etc/realm.properties is also referenced by the webapp-specific > HashLoginService configured for the test webapp in webapps/test.xml > etc/login.conf is a jaas configuration file. The webapps/test-jaas.xml > context file sets up a JAASLoginService for the webapps/test-jaas.war > webapp, which will use the etc/login.conf file to point to the passwords > and roles defined in etc/login.properties. > > > So, HashLoginService is an alternative to JAASLoginService and they both > have different config files and formats. The demo-base has both to cater to > the multiple different webapps deployed in it. > > > regards > Jan > > > >> >> Also, etc/test-realm.xml creates a HashLoginService, is that >> complementary to JAASLoginService? I don't see that in demo-base/etc/ at >> least. I expected to see a Configure Server somewhere at the top level of >> the demo bringing in JAASLoginService based on >> >> http://www.eclipse.org/jetty/documentation/current/jaas-support.html >> >> Third question is, why is there no demo-base/web.xml? It seems I need one >> because I want to password protect both war/servlets and ROOT: >> >> --webapp/my.war [2 servlets with a web.xml] >> --webapp/ROOT >> >> It seems I need to define a realm that encompasses them? Would a >> ${jetty.base}/web.xml like this be sufficient (per the jaas-support page)? >> >> <login-config> >> <auth-method>FORM</auth-method> >> <realm-name>mywholesite</realm-name> >> <form-login-config> >> <form-login-page>/login/login</form-login-page> <== example? >> <form-error-page>/login/error</form-error-page> <== example? (e.g. >> if a param is passed) >> </form-login-config> >> </login-config> >> >> And it would automatically cover the war and ROOT, or would that need to >> be spelled out? >> The web.xml info I see on Google looks generally like servlet config, >> which I have down in my war's web.xml. >> >> Thanks, >> Bill >> >> _______________________________________________ >> jetty-users mailing list >> [email protected] >> To change your delivery options, retrieve your password, or unsubscribe >> from this list, visit >> https://dev.eclipse.org/mailman/listinfo/jetty-users >> > > > > -- > Jan Bartel <[email protected]> > <http://www.webtide.com>www.webtide.com > *Expert assistance from the creators of Jetty and CometD* > > > > _______________________________________________ > jetty-users mailing [email protected] > To change your delivery options, retrieve your password, or unsubscribe from > this list, visithttps://dev.eclipse.org/mailman/listinfo/jetty-users > > > > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://dev.eclipse.org/mailman/listinfo/jetty-users > -- Jan Bartel <[email protected]> www.webtide.com *Expert assistance from the creators of Jetty and CometD*
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
