Serge,

the problem is that you have added a ConstraintSecurityHandler as the prime
Server handler and it does not have a SessionHandler to create the session.

Note that within your WebAppContext, you will already have a SessionHandler
and a ConstraintSecurityHandler, so you really should just configure those.
       However, you have an external ResourceHandler, which again is not
strictly necessary as the DefaultServlet in the WebAppContext is able to
server static content.

So you either need to decide to use the WebAppContext and all it's built in
capabilities

OR

use a ServletContextHandler that will be able to build a structure like

  Server -> ServletContextHandler -> SessionHandler
-> ConstraintSecurityHandler -> ServletHandler

which you could modify to

  Server -> ServletContextHandler -> SessionHandler ->
ConstraintSecurityHandler -> HandlerList [ ResourceHandler,
ServletContextHandler ]

OR

build your own structure like:

  Server -> SessionHandler -> ConstraintSecurityHandler -> HandlerList [
ResourceHandler, ServletContextHandler ]


cheers




On 4 August 2017 at 15:26, Serge Weinstock <serge.weinst...@gmail.com>
wrote:

> I've just added authentication to my embedded jetty 9 web server. I'm
> using the JDBCLoginService and everything works fine.
>
>
>
> I now want to add a login page. But I can’t get it working: when the
> FormAuthenticator.validate() method is called, it's trying to get an
> HTTPsession and none is found.
>
>
>
> I've been trying to create Sessions but I've been unable to find the
> correct API. Can someone give me an example?
>
>
>
> This is my code:
>
>
>
> // the file server part
>
> ResourceHandler resource_handler = new ResourceHandler();
>
> resource_handler.setDirectoriesListed(false);
>
> resource_handler.setResourceBase("www");
>
> resource_handler.setDirectoriesListed(false);
>
> resource_handler.setWelcomeFiles(new String[]{ "html/dashboard.html" });
>
> // the JSP part
>
> WebAppContext webAppContext = new WebAppContext();
>
> webAppContext.setResourceBase("www");
>
> webAppContext.setInitParameter("dirAllowed", "false");
>
> webAppContext.addServlet(new ServletHolder(new QueryGlobals()),
> "/queries/globals");
>
> webAppContext.addServlet(new ServletHolder(new QueryAllVenues()),
> "/queries/all_venues");
>
> HandlerList handlers = new HandlerList();
>
> handlers.setHandlers(new Handler[] {
>
>         // static files
>
>         resource_handler,
>
>         // servlets
>
>         webAppContext,
>
>         // 404
>
>         new DefaultHandler()
>
>     });
>
> // get the path for the authentication settings
>
> // it should be in the same folder than the platform location
>
> File configFile = new File(System.getProperty("com.b
> npp.firefly.configfile"));
>
> File authConfigFile = new File(configFile.getParent(), "auth.properties");
>
> LoginService loginService = new 
> org.eclipse.jetty.security.JDBCLoginService("MyRealm",
> authConfigFile.getPath());
>
> m_server.addBean(loginService);
>
>
>
> ConstraintSecurityHandler security = new ConstraintSecurityHandler();
>
> Constraint constraint = new Constraint();
>
> constraint.setName(Constraint.__FORM_AUTH);
>
> constraint.setAuthenticate(true);
>
> constraint.setRoles(new String[] { "user", "admin" });
>
>
>
> ConstraintMapping mapping = new ConstraintMapping();
>
> mapping.setPathSpec("/*");
>
> mapping.setConstraint(constraint);
>
>
>
> security.addConstraintMapping(mapping);
>
> FormAuthenticator authenticator = new FormAuthenticator("/html/login.html",
> "/html/login.html", false);
>
> security.setAuthenticator(authenticator);
>
> security.setLoginService(loginService);
>
>
>
>
>
> security.setHandler(handlers);
>
> m_server.setHandler(security);
>
>
>
>
>
> m_server.start();
>
>
>
> Thanks,
>
> Serge
>
> _______________________________________________
> jetty-users mailing list
> jetty-users@eclipse.org
> To change your delivery options, retrieve your password, or unsubscribe
> from this list, visit
> https://dev.eclipse.org/mailman/listinfo/jetty-users
>



-- 
Greg Wilkins <gr...@webtide.com> CTO http://webtide.com
_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users

Reply via email to