jetty-basic-auth-helper

Basic authentication helper library for jetty9

License

License

Categories

Categories

Jetty Container Application Servers
GroupId

GroupId

org.riversun
ArtifactId

ArtifactId

jetty-basic-auth-helper
Last Version

Last Version

0.6.3
Release Date

Release Date

Type

Type

jar
Description

Description

jetty-basic-auth-helper
Basic authentication helper library for jetty9
Project URL

Project URL

https://github.com/riversun/jetty-basic-auth-helper
Source Code Management

Source Code Management

https://github.com/riversun/jetty-basic-auth-helper

Download jetty-basic-auth-helper

How to add to project

<!-- https://jarcasting.com/artifacts/org.riversun/jetty-basic-auth-helper/ -->
<dependency>
    <groupId>org.riversun</groupId>
    <artifactId>jetty-basic-auth-helper</artifactId>
    <version>0.6.3</version>
</dependency>
// https://jarcasting.com/artifacts/org.riversun/jetty-basic-auth-helper/
implementation 'org.riversun:jetty-basic-auth-helper:0.6.3'
// https://jarcasting.com/artifacts/org.riversun/jetty-basic-auth-helper/
implementation ("org.riversun:jetty-basic-auth-helper:0.6.3")
'org.riversun:jetty-basic-auth-helper:jar:0.6.3'
<dependency org="org.riversun" name="jetty-basic-auth-helper" rev="0.6.3">
  <artifact name="jetty-basic-auth-helper" type="jar" />
</dependency>
@Grapes(
@Grab(group='org.riversun', module='jetty-basic-auth-helper', version='0.6.3')
)
libraryDependencies += "org.riversun" % "jetty-basic-auth-helper" % "0.6.3"
[org.riversun/jetty-basic-auth-helper "0.6.3"]

Dependencies

provided (4)

Group / Artifact Type Version
org.eclipse.jetty : jetty-annotations jar 9.4.12.v20180830
org.eclipse.jetty : jetty-webapp jar 9.4.12.v20180830
org.eclipse.jetty : apache-jsp jar 9.4.12.v20180830
org.eclipse.jetty : apache-jstl pom 9.4.12.v20180830

test (1)

Group / Artifact Type Version
junit : junit jar 4.7

Project Modules

There are no modules declared in this project.

Overview

A library for BASIC authentication for jetty9

It is licensed under MIT.

Maven Central

Usage

Enable BASIC authentication when you use ServletContextHandler

        BasicAuthSecurityHandler bash = new BasicAuthSecurityHandler();
        bash.setBasicAuth(new BasicAuth.Builder().setRealm("private site")
                .addUserPath("user1", "pass1", "/private1/*")
                .addUserPath("user2", "pass2", "/private2/*")
                .build());
        servletContextHandler.setSecurityHandler(bash);

Example

package myserver;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.handler.HandlerList;
import org.eclipse.jetty.server.handler.ResourceHandler;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.riversun.jetty.basicauth.BasicAuth;
import org.riversun.jetty.basicauth.BasicAuthLogicCore.SkipBasicAuthCallback;
import org.riversun.jetty.basicauth.BasicAuthSecurityHandler;

public class StartWebServer {

    public void start() {

        final int PORT = 8080;

        ServletContextHandler servletContextHandler = new ServletContextHandler(ServletContextHandler.SESSIONS);

        servletContextHandler.addServlet(ExampleServlet.class, "/api");

        final HandlerList handlerList = new HandlerList();

        final ResourceHandler resourceHandler = new ResourceHandler();

        resourceHandler.setResourceBase(System.getProperty("user.dir") + "/htdocs");
        resourceHandler.setDirectoriesListed(false);

        resourceHandler.setWelcomeFiles(new String[] { "index.html" });
        resourceHandler.setCacheControl("no-store,no-cache,must-revalidate");

        handlerList.addHandler(resourceHandler);
        handlerList.addHandler(servletContextHandler);

        final Server jettyServer = new Server();
        jettyServer.setHandler(handlerList);

        final HttpConfiguration httpConfig = new HttpConfiguration();
        httpConfig.setSendServerVersion(false);

        final HttpConnectionFactory httpConnFactory = new HttpConnectionFactory(httpConfig);
        final ServerConnector httpConnector = new ServerConnector(jettyServer, httpConnFactory);
        httpConnector.setPort(PORT);
        jettyServer.setConnectors(new Connector[] { httpConnector });

        // Enabling basic authentication
        BasicAuthSecurityHandler bash = new BasicAuthSecurityHandler();

        bash.setBasicAuth(new BasicAuth.Builder().setRealm("private site")
                .addUserPath("user1", "pass1", "/*")
                .addUserPath("user2", "pass2", "/index.html,/api")
                .addUserPath("user3", "pass3", "/api")
                .build());

        // If the user-A who has already passed the BASIC authentication for page-A.
        // Then the user-A who doesn't have the permission for page-B tries to access
        // page-B.
        //
        // True:Show BASIC authentication dialog again for the user who has correct
        // permission for page-B.
        //
        // False:Show error page that shows FORBIDDEN, "You don't have permission to
        // access."
        //
        bash.setRetryBasicAuth(true);

        bash.addRetryBasicAuthExcludedPath("/favicon.ico");

        // Set preprocess callback.
        bash.setSkipBasicAuthCallback(new SkipBasicAuthCallback() {

            @Override
            public boolean checkSkipBasicAuth(HttpServletRequest req) {
                // true:skip basic authentication
                // false:process basic authentication
                return false;
            }
        });

        servletContextHandler.setSecurityHandler(bash);

        try {
            jettyServer.start();
            System.out.println("Server started.");
            jettyServer.join();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @SuppressWarnings("serial")
    public static class ExampleServlet extends HttpServlet {

        @Override
        protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

            final String CONTENT_TYPE = "text/plain; charset=UTF-8";
            resp.setContentType(CONTENT_TYPE);

            final PrintWriter out = resp.getWriter();
            out.println("OK");
            out.close();
        }

    }

    public static void main(String[] args) {
        new StartWebServer().start();
    }

}

Enable BASIC authentication when you use ResourceHandler

Use BasicAuthResourceHandler instead of ResourceHandler

            final BasicAuthResourceHandler resourceHandler = new BasicAuthResourceHandler();

            resourceHandler.setBasicAuth(new BasicAuth.Builder().setRealm("private site")
                .addUserPath("user1", "pass1", "/private1/*")
                .addUserPath("user2", "pass2", "/private2/*")
                .build());

Download/Install

Maven

<dependency>
	<groupId>org.riversun</groupId>
	<artifactId>jetty-basic-auth-helper</artifactId>
	<version>0.5.0</version>
</dependency>

Versions

Version
0.6.3
0.6.2
0.6.1
0.6.0
0.5.0