I'm trying to use Jetty security loading configuration from xml config file. The file loads without any error but policies seems not to work. I thought to load configuration via code, but I'm using JAXRSServerFactoryBean and it seems also not to be possible. Here it is mi config file:
<beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:httpj=" http://cxf.apache.org/transports/http-jetty/configuration"; xsi:schemaLocation=" http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd";> <httpj:engine-factory bus="cxf"> <httpj:engine port="0"> <httpj:threadingParameters minThreads="5" maxThreads="15" /> <httpj:handlers> <bean class="org.eclipse.jetty.security.ConstraintSecurityHandler"> <property name="loginService" ref="securityLoginService" /> <property name="constraintMappings"> <list> <ref bean="securityConstraintMapping" /> </list> </property> </bean> </httpj:handlers> </httpj:engine> </httpj:engine-factory> <bean id="securityLoginService" class="org.eclipse.jetty.security.HashLoginService"> <property name="name" value="WSRealm" /> <property name="config" value="src/es/uned/scc/related/cserver/ws/configuration/jetty-realm.properties" /> </bean> <bean id="securityConstraint" class="org.eclipse.jetty.http.security.Constraint"> <property name="name" value="BASIC" /> <property name="roles" value="admin" /> <property name="authenticate" value="true" /> </bean> <bean id="securityConstraintMapping" class="org.eclipse.jetty.security.ConstraintMapping"> <property name="constraint" ref="securityConstraint" /> <property name="pathSpec" value="/*" /> </bean> </beans> jetty-realm.properties # Defines users that can access the web (console, demo, etc.) # username: password [,rolename ...] ffang: pswd, admin And the code that creates the server: static{ // set the configuration file SpringBusFactory factory = new SpringBusFactory(); Bus bus = factory.createBus("src/es/uned/scc/related/cserver/ws/configuration/server-sec-bean.xml"); BusFactory.setDefaultBus(bus); } .... .... .... ..... public void start() throws Exception{ if (sf == null){ sf = new JAXRSServerFactoryBean(); sf.setResourceClasses(RLABSystemWSRest.class); sf.setResourceProvider(RLABSystemWSRest.class, new SingletonResourceProvider(new RLABSystemWSRest())); sf.setAddress(address); server = sf.create(); System.out.println("Servidor arrancado y servicio publicado..."); } else { if (server.isStarted()) { System.out.println("Servidor ya estaba arrancado y el servicio publicado..."); }else{ server.start(); System.out.println("Servidor arrancado y servicio publicado..."); } } } As I said before, the config file loads perfectly, at least apparently, but if I try to call any operation defined as service without any credential, I receive server status 200 OK, and the correct response of course. Any idea. Thank to everybody, Juanjo.
