Thursday, November 29, 2007

Jetty 6 authentication by configuration XML without web.xml

I spent about a week for porting of NetKernel 3.3 from Jetty 5 to Jetty 6. It is done and I am testing the non-blocking IO (NIO) of Jetty 6 together with asynchronous processing feature of NetKernel. I also figure out how to configure Jetty 6 security in the configuration XML file. From the Jetty document about Realm, the security of an application can be configured in web.xml. However, there is no web.xml in my case, when the request received by Jetty be handled by a specific handler, which will call another handler-like facility for processing. The solution for Jetty 5 does not work for Jetty 6 for this case, since the corresponding API's of org.mortbay.jetty.Server are removed. I got some hint from the document about how to configure security for embedded Jetty. However, it is still about a web application via class WebAppContext. Then I wondered if org.mortbay.jetty.security.SecurityHandler will help (it has an interesting name). Yes, it is. The hack is done with a longer XML file creating a HashUserRealm and a ConstraintMappings. See the details in the following snippet.

<Set name="handler">
<New id="Handlers"
class="org.mortbay.jetty.handler.HandlerCollection">
<Set name="handlers">
<Array type="org.mortbay.jetty.Handler">
<Item>
<New id="BackendSecurity"
class="org.mortbay.jetty.security.SecurityHandler" />
</Item>
<Item>
<New id="BackendNetkernel"
class="org.ten60.transport.jetty.HttpHandler" />
</Item>
</Array>
</Set>
</New>
</Set>
<!-- =========================================================== -->
<!-- Configure BackendSecurity -->
<!-- Add a Realm and a ConstraintMappings to it. See -->
<!-- http://docs.codehaus.org/display/JETTY/How+to+Configure+Security+with+Embedded+Jetty -->
<!-- =========================================================== -->
<Ref id="BackendSecurity">
<Set name="UserRealm">
<New class="org.mortbay.jetty.security.HashUserRealm">
<Set name="name">Test Realm</Set>
<Set name="config">
<SystemProperty name="bootloader.basepath"
default=".." />/etc/realm.properties</Set>
</New>
</Set>
<Set name="AuthMethod">DIGEST</Set>
<Set name="ConstraintMappings">
<Array type="org.mortbay.jetty.security.ConstraintMapping">
<Item>
<New id="BSConstraintMapping"
class="org.mortbay.jetty.security.ConstraintMapping">
<Set name="Constraint">
<New class="org.mortbay.jetty.security.Constraint">
<Set name="Name">allSite</Set>
<Set name="Roles">
<Array type="java.lang.String">
<Item>admin</Item>
</Array>
</Set>
<Set name="Authenticate">true</Set>
</New>
</Set>
<Set name="PathSpec">/</Set>
</New>
</Item>
</Array>
</Set>
</Ref>