Wednesday, February 10, 2010

Jetty 7 maven plugin authentication realms

The configuration directive UserRealm seems to no longer work with the jetty 7 maven plugin (jetty-maven-plugin). I received the following error:

java.lang.IllegalStateException: No LoginService for org.eclipse.jetty.security.authentication.BasicAuthenticator@4095c5ec in ConstraintSecurityHandler@28f52a14@

Fixing this involved:

  • Creating a jetty configuration file, such as the following:


    <?xml version="1.0" encoding="ISO-8859-1"?>
    <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
    <Configure class="org.eclipse.jetty.webapp.WebAppContext">
      <Get name="securityHandler">
        <Set name="loginService">
          <New class="org.eclipse.jetty.security.HashLoginService">
            <Set name="name">YourSecurityRealmHere</Set>
            <Set name="config">src/test/resources/jetty-realm.properties</Set>
            <Call name="start"/>
          </New>
        </Set>
        <Set name="checkWelcomeFiles">true</Set>
      </Get>
    </Configure>

    To be saved as src/test/resources/jetty-test.xml

  • Create a src/test/resources/jetty-realm.properties with your Jetty 7 password file.

  • Updating the jetty configuration in my pom.xml:

          <plugin>
            <groupId>org.mortbay.jetty</groupId>
            <artifactId>jetty-maven-plugin</artifactId>
            <version>7.0.1.v20091125</version>
            <configuration>
              <webAppXml>src/test/resources/jetty-test.xml</webAppXml>
            </configuration>
            <dependencies>
              <dependency>
                <groupId>org.eclipse.jetty</groupId>
                <artifactId>jetty-servlets</artifactId>
                <version>7.0.1.v20091125</version>
              </dependency>
            </dependencies>
          </plugin>
    

    The important entry is webAppXML. The extra dependency to jetty-servlets was added to support GZip in Jetty 7.

Jetty seems to ignore webdefault.xml

If just tried to edit webdefaults.xml to disable directory views, and the change was not reflected in my webapp. The reason: webdefaults.xml is not read by default, but must be explicitly added to the context of the webapp:


 <Set name="defaultsDescriptor"><SystemProperty name="jetty.home" default="."/>/etc/webdefault.xml</Set>

And suddenly all changes in webdefaults.xml are applied.