Wednesday, February 10, 2010

Jetty 7 maven plugin authentication realms

The configuration directive UserRealm seems to no longer work with the jetty 7 maven plugin (jetty-maven-plugin). I received the following error:

java.lang.IllegalStateException: No LoginService for org.eclipse.jetty.security.authentication.BasicAuthenticator@4095c5ec in ConstraintSecurityHandler@28f52a14@

Fixing this involved:

  • Creating a jetty configuration file, such as the following:


    <?xml version="1.0" encoding="ISO-8859-1"?>
    <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
    <Configure class="org.eclipse.jetty.webapp.WebAppContext">
      <Get name="securityHandler">
        <Set name="loginService">
          <New class="org.eclipse.jetty.security.HashLoginService">
            <Set name="name">YourSecurityRealmHere</Set>
            <Set name="config">src/test/resources/jetty-realm.properties</Set>
            <Call name="start"/>
          </New>
        </Set>
        <Set name="checkWelcomeFiles">true</Set>
      </Get>
    </Configure>

    To be saved as src/test/resources/jetty-test.xml

  • Create a src/test/resources/jetty-realm.properties with your Jetty 7 password file.

  • Updating the jetty configuration in my pom.xml:

          <plugin>
            <groupId>org.mortbay.jetty</groupId>
            <artifactId>jetty-maven-plugin</artifactId>
            <version>7.0.1.v20091125</version>
            <configuration>
              <webAppXml>src/test/resources/jetty-test.xml</webAppXml>
            </configuration>
            <dependencies>
              <dependency>
                <groupId>org.eclipse.jetty</groupId>
                <artifactId>jetty-servlets</artifactId>
                <version>7.0.1.v20091125</version>
              </dependency>
            </dependencies>
          </plugin>
    

    The important entry is webAppXML. The extra dependency to jetty-servlets was added to support GZip in Jetty 7.

3 comments:

  1. Hi Max,
    Thanks for the tip.

    I found also something usefull if you have to manage multimodule projects.

    Instead of setting up the LoginService in the jetty-test.xml file, you can provide it within the pom.xml file which allows you to use ${pom.xxx} elements :

    <loginServices>
    <loginService implementation="org.eclipse.jetty.security.HashLoginService">
    <name>YourSecurityRealmHere</name>
    <config>${project.build.directory}/test-classes/jetty-realm.properties</config>
    </loginService>
    </loginServices>

    Hope this helps.
    David.

    ReplyDelete
  2. Thanks, this helped me finally get Jetty authorization going.

    ReplyDelete
  3. Thanks, your solution worked perfectly.

    ReplyDelete

Home

Followers