You only need to configure a realm and loginservice if you're doing any kind of authentication/authorization in your webapp.
You have some kind of configuration mismatch, as the the ConstraintSecurityHandler has had a BasicAuthenticator set up on it - either via jetty xml config or an entry in web.xml - but yet neither the server or the context has had a LoginService set up on it. Your xml snippet shows a FormAuthenticator, yet at runtime it's a BasicAuthencator, so there's something wrong with your config. If you don't want to do any authentication, take the <login-config> element out of your web.xml (or however you've set up the BasicAuthenticator). Otherwise, you need to provide some type of LoginService, usually set as a bean on the Server instance, but can also be set on the WebAppContext instance in the context xml file (I think you're calling it app.xml?). You haven't provided many details of your setup, but if you have another webapp/context in the mix and it also requires authentication it will also need access to a LoginService: generally, but not necessarily, all webapps share the same LoginService, set as a bean on the Server. If you've only configured a LoginService for one context, the other could be the one producing the stacktrace. regards Jan On Wed, 27 Apr 2022 at 09:51, Bill Ross via jetty-users < [email protected]> wrote: > I'm trying to simplify before open-sourcing. I used to have a HashLogin, > and it seems I can't get rid of the requirement. E.g. it wants the > securityHandler, and an empty jetty-base/etc/realm.properties is needed > at least. > > 9.4 > > Thanks, > > Bill > > > I seem to need this in jetty-base/webapps/app.xml: > > <Get name="securityHandler"> > <Set name="loginService"> > <New class="org.eclipse.jetty.security.HashLoginService"> > > ... > > </Set> > <Set name="authenticator"> > <New > class="org.eclipse.jetty.security.authentication.FormAuthenticator"> > <Set name="alwaysSaveUri">true</Set> > </New> > </Set> > <Set name="checkWelcomeFiles">true</Set> > </Get> > > java.lang.IllegalStateException: No LoginService for > org.eclipse.jetty.security.authentication.BasicAuthenticator@77825085 in > ConstraintSecurityHandler@3568f9d2{STARTING} > at > > org.eclipse.jetty.security.authentication.LoginAuthenticator.setConfiguration(LoginAuthenticator.java:92) > at > > org.eclipse.jetty.security.SecurityHandler.doStart(SecurityHandler.java:410) > at > > org.eclipse.jetty.security.ConstraintSecurityHandler.doStart(ConstraintSecurityHandler.java:417) > > -- > Phobrain.com > _______________________________________________ > jetty-users mailing list > [email protected] > To unsubscribe from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users > -- Jan Bartel <[email protected]> www.webtide.com *Expert assistance from the creators of Jetty and CometD*
_______________________________________________ jetty-users mailing list [email protected] To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
