examples/embedded/src/main/java/org/eclipse/jetty/embedded/SecuredHelloHandler.java - jetty/org.eclipse.jetty.project - Git at Google

 //
 //  ========================================================================
 //  Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
 //  ------------------------------------------------------------------------
 //  All rights reserved. This program and the accompanying materials
 //  are made available under the terms of the Eclipse Public License v1.0
 //  and Apache License v2.0 which accompanies this distribution.
 //
 //      The Eclipse Public License is available at
 //      http://www.eclipse.org/legal/epl-v10.html
 //
 //      The Apache License v2.0 is available at
 //      http://www.opensource.org/licenses/apache2.0.php
 //
 //  You may elect to redistribute this code under either of these licenses.
 //  ========================================================================
 //

 package org.eclipse.jetty.embedded;

 import java.util.Collections;

 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.LoginService;
 import org.eclipse.jetty.security.authentication.BasicAuthenticator;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.util.security.Constraint;

 public class SecuredHelloHandler
 {
     public static void main(String[] args) throws Exception
     {
         // Create a basic jetty server object that will listen on port 8080.  Note that if you set this to port 0
         // then a randomly available port will be assigned that you can either look in the logs for the port,
         // or programmatically obtain it for use in test cases.
         Server server = new Server(8080);

         // Since this example is for our test webapp, we need to setup a LoginService so this shows how to create a
         // very simple hashmap based one.  The name of the LoginService needs to correspond to what is configured a
         // webapp's web.xml and since it has a lifecycle of its own we register it as a bean with the Jetty server
         // object so it can be started and stopped according to the lifecycle of the server itself. In this example
         // the name can be whatever you like since we are not dealing with webapp realms.
         LoginService loginService = new HashLoginService("MyRealm","src/test/resources/realm.properties");
         server.addBean(loginService);

         // A security handler is a jetty handler that secures content behind a particular portion of a url space. The
         // ConstraintSecurityHandler is a more specialized handler that allows matching of urls to different
         // constraints. The server sets this as the first handler in the chain,
         // effectively applying these constraints to all subsequent handlers in the chain.
         ConstraintSecurityHandler security = new ConstraintSecurityHandler();
         server.setHandler(security);

         // This constraint requires authentication and in addition that an authenticated user be a member of a given
         // set of roles for authorization purposes.
         Constraint constraint = new Constraint();
         constraint.setName("auth");
         constraint.setAuthenticate( true );
         constraint.setRoles(new String[]{"user", "admin"});

         // Binds a url pattern with the previously created constraint. The roles for this constraing mapping are
         // mined from the Constraint itself although methods exist to declare and bind roles separately as well.
         ConstraintMapping mapping = new ConstraintMapping();
         mapping.setPathSpec( "/*" );
         mapping.setConstraint( constraint );

         // First you see the constraint mapping being applied to the handler as a singleton list,
         // however you can passing in as many security constraint mappings as you like so long as they follow the
         // mapping requirements of the servlet api. Next we set a BasicAuthenticator instance which is the object
         // that actually checks the credentials followed by the LoginService which is the store of known users, etc.
         security.setConstraintMappings(Collections.singletonList(mapping));
         security.setAuthenticator(new BasicAuthenticator());
         security.setLoginService(loginService);

         // The Hello Handler is the handler we are securing so we create one, and then set it as the handler on the
         // security handler to complain the simple handler chain.
         HelloHandler hh = new HelloHandler();

         // chain the hello handler into the security handler
         security.setHandler(hh);

         // Start things up! By using the server.join() the server thread will join with the current thread.
         // See "http://docs.oracle.com/javase/1.5.0/docs/api/java/lang/Thread.html#join()" for more details.
         server.start();
         server.join();
     }
 }
	//
	// ========================================================================
	// Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
	// ------------------------------------------------------------------------
	// All rights reserved. This program and the accompanying materials
	// are made available under the terms of the Eclipse Public License v1.0
	// and Apache License v2.0 which accompanies this distribution.
	//
	// The Eclipse Public License is available at
	// http://www.eclipse.org/legal/epl-v10.html
	//
	// The Apache License v2.0 is available at
	// http://www.opensource.org/licenses/apache2.0.php
	//
	// You may elect to redistribute this code under either of these licenses.
	// ========================================================================
	//

	package org.eclipse.jetty.embedded;

	import java.util.Collections;

	import org.eclipse.jetty.security.ConstraintMapping;
	import org.eclipse.jetty.security.ConstraintSecurityHandler;
	import org.eclipse.jetty.security.HashLoginService;
	import org.eclipse.jetty.security.LoginService;
	import org.eclipse.jetty.security.authentication.BasicAuthenticator;
	import org.eclipse.jetty.server.Server;
	import org.eclipse.jetty.util.security.Constraint;

	public class SecuredHelloHandler
	{
	public static void main(String[] args) throws Exception
	{
	// Create a basic jetty server object that will listen on port 8080. Note that if you set this to port 0
	// then a randomly available port will be assigned that you can either look in the logs for the port,
	// or programmatically obtain it for use in test cases.
	Server server = new Server(8080);

	// Since this example is for our test webapp, we need to setup a LoginService so this shows how to create a
	// very simple hashmap based one. The name of the LoginService needs to correspond to what is configured a
	// webapp's web.xml and since it has a lifecycle of its own we register it as a bean with the Jetty server
	// object so it can be started and stopped according to the lifecycle of the server itself. In this example
	// the name can be whatever you like since we are not dealing with webapp realms.
	LoginService loginService = new HashLoginService("MyRealm","src/test/resources/realm.properties");
	server.addBean(loginService);

	// A security handler is a jetty handler that secures content behind a particular portion of a url space. The
	// ConstraintSecurityHandler is a more specialized handler that allows matching of urls to different
	// constraints. The server sets this as the first handler in the chain,
	// effectively applying these constraints to all subsequent handlers in the chain.
	ConstraintSecurityHandler security = new ConstraintSecurityHandler();
	server.setHandler(security);

	// This constraint requires authentication and in addition that an authenticated user be a member of a given
	// set of roles for authorization purposes.
	Constraint constraint = new Constraint();
	constraint.setName("auth");
	constraint.setAuthenticate( true );
	constraint.setRoles(new String[]{"user", "admin"});

	// Binds a url pattern with the previously created constraint. The roles for this constraing mapping are
	// mined from the Constraint itself although methods exist to declare and bind roles separately as well.
	ConstraintMapping mapping = new ConstraintMapping();
	mapping.setPathSpec( "/*" );
	mapping.setConstraint( constraint );

	// First you see the constraint mapping being applied to the handler as a singleton list,
	// however you can passing in as many security constraint mappings as you like so long as they follow the
	// mapping requirements of the servlet api. Next we set a BasicAuthenticator instance which is the object
	// that actually checks the credentials followed by the LoginService which is the store of known users, etc.
	security.setConstraintMappings(Collections.singletonList(mapping));
	security.setAuthenticator(new BasicAuthenticator());
	security.setLoginService(loginService);

	// The Hello Handler is the handler we are securing so we create one, and then set it as the handler on the
	// security handler to complain the simple handler chain.
	HelloHandler hh = new HelloHandler();

	// chain the hello handler into the security handler
	security.setHandler(hh);

	// Start things up! By using the server.join() the server thread will join with the current thread.
	// See "http://docs.oracle.com/javase/1.5.0/docs/api/java/lang/Thread.html#join()" for more details.
	server.start();
	server.join();
	}
	}