examples/embedded/src/main/java/org/eclipse/jetty/embedded/SecuredHelloHandler.java - gerrit/jetty/org.eclipse.jetty.project - Git at Google

 //
 //  ========================================================================
 //  Copyright (c) 1995-2015 Mort Bay Consulting Pty. Ltd.
 //  ------------------------------------------------------------------------
 //  All rights reserved. This program and the accompanying materials
 //  are made available under the terms of the Eclipse Public License v1.0
 //  and Apache License v2.0 which accompanies this distribution.
 //
 //      The Eclipse Public License is available at
 //      http://www.eclipse.org/legal/epl-v10.html
 //
 //      The Apache License v2.0 is available at
 //      http://www.opensource.org/licenses/apache2.0.php
 //
 //  You may elect to redistribute this code under either of these licenses.
 //  ========================================================================
 //

 package org.eclipse.jetty.embedded;

 import java.util.Collections;

 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.LoginService;
 import org.eclipse.jetty.security.authentication.BasicAuthenticator;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.util.security.Constraint;

 public class SecuredHelloHandler
 {
     public static void main( String[] args ) throws Exception
     {
         // Create a basic jetty server object that will listen on port 8080.
         // Note that if you set this to port 0 then a randomly available port
         // will be assigned that you can either look in the logs for the port,
         // or programmatically obtain it for use in test cases.
         Server server = new Server(8080);

         // Since this example is for our test webapp, we need to setup a
         // LoginService so this shows how to create a very simple hashmap based
         // one. The name of the LoginService needs to correspond to what is
         // configured a webapp's web.xml and since it has a lifecycle of its own
         // we register it as a bean with the Jetty server object so it can be
         // started and stopped according to the lifecycle of the server itself.
         // In this example the name can be whatever you like since we are not
         // dealing with webapp realms.
         LoginService loginService = new HashLoginService("MyRealm",
                 "src/test/resources/realm.properties");
         server.addBean(loginService);

         // A security handler is a jetty handler that secures content behind a
         // particular portion of a url space. The ConstraintSecurityHandler is a
         // more specialized handler that allows matching of urls to different
         // constraints. The server sets this as the first handler in the chain,
         // effectively applying these constraints to all subsequent handlers in
         // the chain.
         ConstraintSecurityHandler security = new ConstraintSecurityHandler();
         server.setHandler(security);

         // This constraint requires authentication and in addition that an
         // authenticated user be a member of a given set of roles for
         // authorization purposes.
         Constraint constraint = new Constraint();
         constraint.setName("auth");
         constraint.setAuthenticate(true);
         constraint.setRoles(new String[] { "user", "admin" });

         // Binds a url pattern with the previously created constraint. The roles
         // for this constraing mapping are mined from the Constraint itself
         // although methods exist to declare and bind roles separately as well.
         ConstraintMapping mapping = new ConstraintMapping();
         mapping.setPathSpec("/*");
         mapping.setConstraint(constraint);

         // First you see the constraint mapping being applied to the handler as
         // a singleton list, however you can passing in as many security
         // constraint mappings as you like so long as they follow the mapping
         // requirements of the servlet api. Next we set a BasicAuthenticator
         // instance which is the object that actually checks the credentials
         // followed by the LoginService which is the store of known users, etc.
         security.setConstraintMappings(Collections.singletonList(mapping));
         security.setAuthenticator(new BasicAuthenticator());
         security.setLoginService(loginService);

         // The Hello Handler is the handler we are securing so we create one,
         // and then set it as the handler on the
         // security handler to complain the simple handler chain.
         HelloHandler hh = new HelloHandler();

         // chain the hello handler into the security handler
         security.setHandler(hh);

         // Start things up!
         server.start();

         // The use of server.join() the will make the current thread join and
         // wait until the server is done executing.
         // See
         // http://docs.oracle.com/javase/7/docs/api/java/lang/Thread.html#join()
         server.join();
     }
 }
	//
	// ========================================================================
	// Copyright (c) 1995-2015 Mort Bay Consulting Pty. Ltd.
	// ------------------------------------------------------------------------
	// All rights reserved. This program and the accompanying materials
	// are made available under the terms of the Eclipse Public License v1.0
	// and Apache License v2.0 which accompanies this distribution.
	//
	// The Eclipse Public License is available at
	// http://www.eclipse.org/legal/epl-v10.html
	//
	// The Apache License v2.0 is available at
	// http://www.opensource.org/licenses/apache2.0.php
	//
	// You may elect to redistribute this code under either of these licenses.
	// ========================================================================
	//

	package org.eclipse.jetty.embedded;

	import java.util.Collections;

	import org.eclipse.jetty.security.ConstraintMapping;
	import org.eclipse.jetty.security.ConstraintSecurityHandler;
	import org.eclipse.jetty.security.HashLoginService;
	import org.eclipse.jetty.security.LoginService;
	import org.eclipse.jetty.security.authentication.BasicAuthenticator;
	import org.eclipse.jetty.server.Server;
	import org.eclipse.jetty.util.security.Constraint;

	public class SecuredHelloHandler
	{
	public static void main( String[] args ) throws Exception
	{
	// Create a basic jetty server object that will listen on port 8080.
	// Note that if you set this to port 0 then a randomly available port
	// will be assigned that you can either look in the logs for the port,
	// or programmatically obtain it for use in test cases.
	Server server = new Server(8080);

	// Since this example is for our test webapp, we need to setup a
	// LoginService so this shows how to create a very simple hashmap based
	// one. The name of the LoginService needs to correspond to what is
	// configured a webapp's web.xml and since it has a lifecycle of its own
	// we register it as a bean with the Jetty server object so it can be
	// started and stopped according to the lifecycle of the server itself.
	// In this example the name can be whatever you like since we are not
	// dealing with webapp realms.
	LoginService loginService = new HashLoginService("MyRealm",
	"src/test/resources/realm.properties");
	server.addBean(loginService);

	// A security handler is a jetty handler that secures content behind a
	// particular portion of a url space. The ConstraintSecurityHandler is a
	// more specialized handler that allows matching of urls to different
	// constraints. The server sets this as the first handler in the chain,
	// effectively applying these constraints to all subsequent handlers in
	// the chain.
	ConstraintSecurityHandler security = new ConstraintSecurityHandler();
	server.setHandler(security);

	// This constraint requires authentication and in addition that an
	// authenticated user be a member of a given set of roles for
	// authorization purposes.
	Constraint constraint = new Constraint();
	constraint.setName("auth");
	constraint.setAuthenticate(true);
	constraint.setRoles(new String[] { "user", "admin" });

	// Binds a url pattern with the previously created constraint. The roles
	// for this constraing mapping are mined from the Constraint itself
	// although methods exist to declare and bind roles separately as well.
	ConstraintMapping mapping = new ConstraintMapping();
	mapping.setPathSpec("/*");
	mapping.setConstraint(constraint);

	// First you see the constraint mapping being applied to the handler as
	// a singleton list, however you can passing in as many security
	// constraint mappings as you like so long as they follow the mapping
	// requirements of the servlet api. Next we set a BasicAuthenticator
	// instance which is the object that actually checks the credentials
	// followed by the LoginService which is the store of known users, etc.
	security.setConstraintMappings(Collections.singletonList(mapping));
	security.setAuthenticator(new BasicAuthenticator());
	security.setLoginService(loginService);

	// The Hello Handler is the handler we are securing so we create one,
	// and then set it as the handler on the
	// security handler to complain the simple handler chain.
	HelloHandler hh = new HelloHandler();

	// chain the hello handler into the security handler
	security.setHandler(hh);

	// Start things up!
	server.start();

	// The use of server.join() the will make the current thread join and
	// wait until the server is done executing.
	// See
	// http://docs.oracle.com/javase/7/docs/api/java/lang/Thread.html#join()
	server.join();
	}
	}