Embedded Jetty - 以编程方式添加基于表单的身份验证 [英] Embedded Jetty - Programatically add form based authentication
问题描述
有没有办法以编程方式添加基于表单的身份验证,如下所示?
我使用自己的 LdapLoginModule
。最初我使用基本身份验证,它工作正常,但现在我想要更多控制登录页面(如显示徽标等)
Is there a way to programatically add Form based Authentication as per below?
I am using my own LdapLoginModule
. Initially I use Basic Authentication and it worked OK, but now I want more control on the Login page (like display logo, etc)
有没有好样品?
我使用的是嵌入式jetty v8.1.7。我不使用任何web.xml用于嵌入式jetty。 jetty服务器以编程方式启动。
I am using embedded jetty v8.1.7 . I don't use any web.xml for embedded jetty. The jetty server is started programatically.
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Test JAAS Realm</realm-name>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
推荐答案
创建 FormAuthenticator
并在 SecurityHandler
上为 ServletContextHandler
设置此项。此代码创建一个包含2个servlet的普通服务器。第一个servlet以经过身份验证的用户名的hello messsage响应。第二个servlet实现了一个简单的登录表单。
Create a FormAuthenticator
and set this on your SecurityHandler
for the ServletContextHandler
. This code creates a trivial server with 2 servlets. The first servlet responds with a hello messsage to the authenticated user name. The second servlet implements a trivial login form.
您应该能够将代码粘贴到 main []
并运行(您将需要以下罐子在你的类路径中; jetty-server
, jetty-servlet
和 jetty-security
)。要进行测试,请将浏览器指向 http:// localhost:8080
,在看到的响应之前,系统会提示您输入凭据(用户名/密码)你好用户名
。
You should be able to paste the code into a main[]
and run (you will need the following jars in your classpath; jetty-server
, jetty-servlet
and jetty-security
). To test, point a browser at http://localhost:8080
, you should be prompted for credentials (username / password) before seeing a response of hello username
.
Server server = new Server(8080);
ServletContextHandler context = new ServletContextHandler(server, "/", ServletContextHandler.SESSIONS | ServletContextHandler.SECURITY);
context.addServlet(new ServletHolder(new DefaultServlet() {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.getWriter().append("hello " + request.getUserPrincipal().getName());
}
}), "/*");
context.addServlet(new ServletHolder(new DefaultServlet() {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.getWriter().append("<html><form method='POST' action='/j_security_check'>"
+ "<input type='text' name='j_username'/>"
+ "<input type='password' name='j_password'/>"
+ "<input type='submit' value='Login'/></form></html>");
}
}), "/login");
Constraint constraint = new Constraint();
constraint.setName(Constraint.__FORM_AUTH);
constraint.setRoles(new String[]{"user","admin","moderator"});
constraint.setAuthenticate(true);
ConstraintMapping constraintMapping = new ConstraintMapping();
constraintMapping.setConstraint(constraint);
constraintMapping.setPathSpec("/*");
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
securityHandler.addConstraintMapping(constraintMapping);
HashLoginService loginService = new HashLoginService();
loginService.putUser("username", new Password("password"), new String[] {"user"});
securityHandler.setLoginService(loginService);
FormAuthenticator authenticator = new FormAuthenticator("/login", "/login", false);
securityHandler.setAuthenticator(authenticator);
context.setSecurityHandler(securityHandler);
server.start();
server.join();
这篇关于Embedded Jetty - 以编程方式添加基于表单的身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!