jetty.demo.realm only exists in demo config files - it is not in any java
files.
<div>-------- Original message --------</div><div>From: Bill Ross
<[email protected]> </div><div>Date:10/01/2015 1:06 PM (GMT-08:00)
</div><div>To: [email protected] </div><div>Subject: Re: [jetty-users]
HashLoginService (was JAAS) </div><div>
</div>Jan (or anyone),
> There's also a jetty-specific feature that if the realm-name is omitted from
> the <login-config> then we'll automatically select the first LoginService
> that has been defined for a Server instance (eg as an addBean() as has been
> shown in the doco and in the demo-base/etc/test-realm.xml).
Aha, when I delete the realm-name from the <login-config> in web.xml, I see
that my HashLoginService evidently didn't get registered even though the
etc/realm.xml has
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">Test Realm</Set>
<Set name="config"><Property name="jetty.demo.realm"
default="etc/realm.properties"/></Set>
<Set name="refreshInterval">0</Set>
</New>
</Arg>
</Call>
<Get class="org.eclipse.jetty.util.log.Log" name="rootLogger">
<Call name="warn"><Arg>demo test-realm is deployed. DO NOT USE IN
PRODUCTION!</Arg></Call>
</Get>
</Configure>
And on startup I see:
2015-10-01 12:50:39.793:WARN::main: demo test-realm is deployed. DO NOT USE IN
PRODUCTION!
2015-10-01 12:50:40.203:WARN:oejw.WebAppContext:main: Failed startup of context
o.e.j.w.WebAppContext@234bef66{/,file:///Users/priot/pr/jetty-base/webapps/ROOT/,STARTING}{/ROOT}
java.lang.IllegalStateException: No LoginService for
org.eclipse.jetty.security.authentication.BasicAuthenticator@47db50c5 in
org.eclipse.jetty.security.ConstraintSecurityHandler@5c072e3f
at
org.eclipse.jetty.security.authentication.LoginAuthenticator.setConfiguration(LoginAuthenticator.java:76)
at
org.eclipse.jetty.security.SecurityHandler.doStart(SecurityHandler.java:354)
at
org.eclipse.jetty.security.ConstraintSecurityHandler.doStart(ConstraintSecurityHandler.java:448)
So there seems to be a bug in docs or code since the HashLoginService setup is
quietly consumed but seems to have no effect.
And in case anyone is still reading, once again, is the "jetty.demo.realm"
supposed to mean anything or match anything???
<Property name="jetty.demo.realm" default="etc/realm.properties"/>
Thanks,
Bill
On 9/30/2015 1:29 AM, Jan Bartel wrote:
Bill,
If you use the same realm-name in the <login-config> element of multiple
webapps, they'll all share the same LoginService.
There's also a jetty-specific feature that if the realm-name is omitted from
the <login-config> then we'll automatically select the first LoginService that
has been defined for a Server instance (eg as an addBean() as has been shown in
the doco and in the demo-base/etc/test-realm.xml).
Jan
On 30 September 2015 at 18:10, Bill Ross <[email protected]> wrote:
Hi Jan,
So if web.xml only goes in a webapp, how can a realm defined in one cover the
contents of ROOT?
I will see how you change that text and try the result.
Thanks,
Bill
-------- Original message --------
From: Jan Bartel
Date:09/30/2015 12:46 AM (GMT-08:00)
To: JETTY user mailing list
Subject: Re: [jetty-users] JAAS questions
Hi Bill,
web.xml does not go into the ${jetty.base} directory.
It can only go into a WEB-INF directory of a webapp, such as a webapp inside of
the ${jetty.base}/webapps directory, which is the default deploy directory.
Also, I will change the text on the Security page which mentions jetty.xml -
this is no doubt historical from before we had the distinction between
${jetty.home} and ${jetty.base}. And no, I do NOT recommend anyone edits
${jetty.home} - there should be very very very few cases where this is
necessary (and this isn't one of them :)).
cheers
Jan
On 30 September 2015 at 17:35, Bill Ross <[email protected]>
wrote:
Jan, there was no jetty-base etc dir before I created it to put that file in. I
thought jetty xmls were additive, but it sounds like the base one tromped the
home one. I have home set to the distribution of my last build of the current
tree.
The configuring security link brings me_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
