Thanks,

To use only the WebAppContext is a good solution

This is the code I've finally used:

// Creating the server on port webPort
m_server = new Server(webPort);

// get the path for the authentication settings
// it should be in the same folder than the platform location
File configFile = new
File(System.getProperty("com.bnpp.firefly.configfile"));
File authConfigFile = new File(configFile.getParent(), "auth.properties");
// set the login service
LoginService loginService = new
org.eclipse.jetty.security.JDBCLoginService("MyRealm",
authConfigFile.getPath());
ConstraintSecurityHandler security = new ConstraintSecurityHandler();

// no authentication for these items
{
    Constraint constraint = new Constraint();
    constraint.setAuthenticate(false);

    for (String pathSpec: new String[] {
            "/images/*",
            "/css/*",
            "/lib/*",
        })
    {
        ConstraintMapping mapping = new ConstraintMapping();
        mapping.setPathSpec(pathSpec);
        mapping.setConstraint(constraint);
        security.addConstraintMapping(mapping);
    }
}

// must have authentication for the rest
{
    Constraint constraint = new Constraint();
    constraint.setName(Constraint.__FORM_AUTH);
    constraint.setAuthenticate(true);
    constraint.setRoles(new String[] { "user", "admin" });

    ConstraintMapping mapping = new ConstraintMapping();
    mapping.setPathSpec("/*");
    mapping.setConstraint(constraint);
    security.addConstraintMapping(mapping);
}

security.setLoginService(loginService);

FormAuthenticator authenticator = new FormAuthenticator("/html/login.html",
"/html/login.html?error=true", false);
security.setAuthenticator(authenticator);

// the JSP part
WebAppContext webAppContext = new WebAppContext();
//webAppContext.setContextPath("/");
webAppContext.setResourceBase("www");
webAppContext.setInitParameter("dirAllowed", "false");

//Including the JSTL jars for the webapp.
webAppContext.setAttribute("org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern",".*/[^/]*jstl.*\\.jar$");

//Enabling the Annotation based configuration
org.eclipse.jetty.webapp.Configuration.ClassList classlist =
org.eclipse.jetty.webapp.Configuration.ClassList.setServerDefault(m_server);
classlist.addAfter("org.eclipse.jetty.webapp.FragmentConfiguration",
"org.eclipse.jetty.plus.webapp.EnvConfiguration",
"org.eclipse.jetty.plus.webapp.PlusConfiguration");
classlist.addBefore("org.eclipse.jetty.webapp.JettyWebXmlConfiguration",
"org.eclipse.jetty.annotations.AnnotationConfiguration");

webAppContext.addServlet(new ServletHolder(new QueryGlobals()),
"/queries/globals");
webAppContext.addServlet(new ServletHolder(new QueryAllVenues()),
"/queries/all_venues");
webAppContext.addServlet(new ServletHolder(new QuerySearchCSV()),
"/queries/searchCSV");
webAppContext.addServlet(new ServletHolder(new QuerySearchWithPaging()),
"/queries/searchWithPaging");
webAppContext.setWelcomeFiles(new String [] {"html/dashboard.html"});

// this will set authentication
webAppContext.setSecurityHandler(security);
webAppContext.getSessionHandler().setMaxInactiveInterval(24 * 60 * 60);

// what the server serves
m_server.setHandler(webAppContext);

m_server.start();



On 4 August 2017 at 06:17, Serge Weinstock <serge.weinst...@gmail.com>
wrote:

> I've just added authentication to my embedded jetty 9 web server. I'm
> using the JDBCLoginService and everything works fine.
>
>
>
> I now want to add a login page. But I can’t get it working: when the
> FormAuthenticator.validate() method is called, it's trying to get an
> HTTPsession and none is found.
>
>
>
> I've been trying to create Sessions but I've been unable to find the
> correct API. Can someone give me an example?
>
>
>
> This is my code:
>
>
>
> // the file server part
>
> ResourceHandler resource_handler = new ResourceHandler();
>
> resource_handler.setDirectoriesListed(false);
>
> resource_handler.setResourceBase("www");
>
> resource_handler.setDirectoriesListed(false);
>
> resource_handler.setWelcomeFiles(new String[]{ "html/dashboard.html" });
>
> // the JSP part
>
> WebAppContext webAppContext = new WebAppContext();
>
> webAppContext.setResourceBase("www");
>
> webAppContext.setInitParameter("dirAllowed", "false");
>
> webAppContext.addServlet(new ServletHolder(new QueryGlobals()),
> "/queries/globals");
>
> webAppContext.addServlet(new ServletHolder(new QueryAllVenues()),
> "/queries/all_venues");
>
> HandlerList handlers = new HandlerList();
>
> handlers.setHandlers(new Handler[] {
>
>         // static files
>
>         resource_handler,
>
>         // servlets
>
>         webAppContext,
>
>         // 404
>
>         new DefaultHandler()
>
>     });
>
> // get the path for the authentication settings
>
> // it should be in the same folder than the platform location
>
> File configFile = new File(System.getProperty("com.
> bnpp.firefly.configfile"));
>
> File authConfigFile = new File(configFile.getParent(), "auth.properties");
>
> LoginService loginService = new 
> org.eclipse.jetty.security.JDBCLoginService("MyRealm",
> authConfigFile.getPath());
>
> m_server.addBean(loginService);
>
>
>
> ConstraintSecurityHandler security = new ConstraintSecurityHandler();
>
> Constraint constraint = new Constraint();
>
> constraint.setName(Constraint.__FORM_AUTH);
>
> constraint.setAuthenticate(true);
>
> constraint.setRoles(new String[] { "user", "admin" });
>
>
>
> ConstraintMapping mapping = new ConstraintMapping();
>
> mapping.setPathSpec("/*");
>
> mapping.setConstraint(constraint);
>
>
>
> security.addConstraintMapping(mapping);
>
> FormAuthenticator authenticator = new FormAuthenticator("/html/login.html",
> "/html/login.html", false);
>
> security.setAuthenticator(authenticator);
>
> security.setLoginService(loginService);
>
>
>
>
>
> security.setHandler(handlers);
>
> m_server.setHandler(security);
>
>
>
>
>
> m_server.start();
>
>
>
> Thanks
>
> Serge
>
>
_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users

Reply via email to