/
Integrating with Jetty
Integrating with Jetty
- Kim Rasmussen
- Kim Rasmussen (Unlicensed)
- Patrick Ahmed (Unlicensed)
Owned by Kim Rasmussen
Last updated: Jun 01, 2020 by Kim Rasmussen (Unlicensed)
Integration with Jetty can be done in a number of ways.
Integrating with Jetty in Ceptors Distribution
Ceptor contains a built-in Jetty server, which you can use for your own webapps.
Here is a sample launcher xml that starts a demoapp
pp_launch_demoapp.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Ceptor Launcher configuration -->
<ceptorlauncher port="21311"
launcherclasspath="classes/launcher;lib/CeptorAgent.jar;extlib/logback-core-1.1.5.jar;extlib/logback-classic-1.1.5.jar;extlib/slf4j-api-1.7.16.jar" jvmstartdelay="10">
<!-- Ceptor DemoApp -->
<jvm name="demoapp" vmargs="-Xmx1024M -Xnoclassgc" systemclasspath="">
<config servers="nios://localhost:21233?validateservercert=false" />
<classloader name="demoapp" extraclasspath="extlib_extras/jsp">
<service name="webserver1" launcherclass="dk.itp.managed.service.GenericWarLauncher">
<property name="registerppsecurityhandler" value="true"/>
<webserver webapp="${portalprotect.home}/samples/demoapp/PortalProtectDemoApp.war"
contextpath="/"
bindaddress="0.0.0.0" httpport="8080" sslport="0" minthreads="2" maxthreads="500"
maxpostsize="67108864" maxidletime="10000"
responseheadersize="32768"
outputbuffersize="32768"
/>
</service>
</classloader>
</jvm>
</ceptorlauncher>
In the above example, the property
<property name="registerppsecurityhandler" value="true"/>
is all that is required to register the security handler.
Programmatically Install Jetty Security Handler
You can also install the Jetty Security Handler programmatically - Here is a full example, which sets up a security handler, and launches and embedded Jetty Server:
package dk.portalprotect.launcher.demoapp;
import java.io.File;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import javax.security.auth.Subject;
import javax.servlet.ServletRequest;
import dk.itp.security.passticket.Agent;
import dk.itp.security.passticket.PTException;
import org.apache.tomcat.InstanceManager;
import org.apache.tomcat.SimpleInstanceManager;
import org.eclipse.jetty.apache.jsp.JettyJasperInitializer;
import org.eclipse.jetty.plus.annotation.ContainerInitializer;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.webapp.WebAppContext;
/**
* Bootstrapper, used to start the demoapp using an embedded jetty webserver
*/
public class StartJetty {
public static class PPPrincipal implements Principal {
String sessionid;
public PPPrincipal(String sessionid) {
this.sessionid = sessionid;
}
public String getName() {
return sessionid;
}
}
public static class PPUserIdentity implements UserIdentity {
Subject subject;
PPPrincipal principal;
public PPUserIdentity(Subject subject, PPPrincipal principal) {
this.subject = subject;
this.principal = principal;
}
public Subject getSubject() {
return subject;
}
public Principal getUserPrincipal() {
return principal;
}
public boolean isUserInRole(String role, Scope scope) {
try {
boolean member = Agent.getInstance().isMemberOfGroup(principal.sessionid, role);
if (!member) {
System.err.println("Warning: User: "+ principal.sessionid + " was not a member of role: " + role);
}
return member;
} catch (PTException e) {
e.printStackTrace();
return false;
}
}
}
public static class PPLoginService implements LoginService {
IdentityService identService = new DefaultIdentityService();
public UserIdentity login(String user, Object credentials, ServletRequest request) {
if (Agent.getInstance().isValid(user)) {
PPPrincipal principal = new PPPrincipal(user);
Subject subject = new Subject();
subject.getPrincipals().add(principal);
return new PPUserIdentity(subject, principal);
}
return null;
}
public boolean validate(UserIdentity useridentity) {
if (useridentity instanceof PPUserIdentity) {
return Agent.getInstance().isValid(((PPUserIdentity)useridentity).principal.sessionid);
}
return false;
}
public void setIdentityService(IdentityService identityservice) {
identService = identityservice;
}
public String getName() {
return "PortalProtect Security Realm";
}
public IdentityService getIdentityService() {
return identService;
}
public void logout(UserIdentity useridentity) {
if (useridentity instanceof PPUserIdentity) {
try {
Agent.getInstance().logoff(((PPUserIdentity)useridentity).principal.sessionid);
} catch (PTException e) {
}
}
}
}
private static List<ContainerInitializer> jspInitializers()
{
JettyJasperInitializer sci = new JettyJasperInitializer();
ContainerInitializer initializer = new ContainerInitializer(sci, null);
List<ContainerInitializer> initializers = new ArrayList<ContainerInitializer>();
initializers.add(initializer);
return initializers;
}
public static void main(String[] arguments) {
try {
System.setProperty("org.apache.jasper.compiler.disablejsr199","false");
boolean develop = false;
int port = 8080;
for(int i = 0; i < arguments.length; i++) {
if (arguments[i].equals("-develop"))
develop = true;
else if (arguments[i].equals("-port") && i+1 < arguments.length) {
port = Integer.parseInt(arguments[++i]);
}
}
HttpConfiguration httpConfig = new HttpConfiguration();
httpConfig.setSendServerVersion(false);
httpConfig.setSendXPoweredBy(false);
httpConfig.setSendDateHeader(false);
httpConfig.setResponseHeaderSize(32768);
httpConfig.setOutputBufferSize(32768);
final Server srv = new Server();
ServerConnector con = new ServerConnector(srv, new HttpConnectionFactory(httpConfig));
con.setPort(port);
srv.setConnectors(new Connector[] {con});
WebAppContext webapp = new WebAppContext();
webapp.setContextPath("/");
webapp.setAttribute("org.eclipse.jetty.containerInitializers", jspInitializers());
webapp.setAttribute(InstanceManager.class.getName(), new SimpleInstanceManager());
if (develop) {
webapp.setWar("webapp");
} else {
if (new File("dist/PortalProtectDemoApp.war").exists())
webapp.setWar("dist/PortalProtectDemoApp.war");
else
webapp.setWar("PortalProtectDemoApp.war");
}
webapp.getSecurityHandler().setLoginService(new PPLoginService());
webapp.getSessionHandler().getSessionManager().setMaxInactiveInterval(60*60);
srv.setHandler(webapp);
srv.start();
Handler handler = srv.getHandler();
if(handler instanceof WebAppContext) {
webapp.getSessionHandler().getSessionManager().setMaxInactiveInterval(60*60); // sets to 30 sec
}
Runtime.getRuntime().addShutdownHook(new Thread(new Runnable() {
public void run() {
try {
srv.stop();
} catch(Throwable t) {
System.err.println(new Date() + ": Problem shutting down.");
t.printStackTrace();
}
}
}));
System.out.println("Jetty now ready on port " + port + " - connect to the demoapp using the PP dispatcher.");
while(true)
Thread.sleep(60000);
} catch (Throwable e) {
System.err.println("Fatal error starting webserver");
e.printStackTrace();
}
}
}
Adding a Security Handler in a Webapp
If you wish, you can also add a security handler directly within your .war file without starting up Jetty yourself.
Simply add a class like this:
Sample Jetty LoginService
package io.ceptor.jetty;
import java.security.Principal;
import javax.security.auth.Subject;
import javax.servlet.ServletRequest;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.server.UserIdentity;
import dk.itp.security.passticket.Agent;
import dk.itp.security.passticket.PTException;
/**
* Ceptor Jetty Login Service
*/
public class LoginService implements org.eclipse.jetty.security.LoginService {
public static class PPPrincipal implements Principal {
String sessionid;
public PPPrincipal(String sessionid) {
this.sessionid = sessionid;
}
public String getName() {
return sessionid;
}
}
public static class PPUserIdentity implements UserIdentity {
Subject subject;
PPPrincipal principal;
public PPUserIdentity(Subject subject, PPPrincipal principal) {
this.subject = subject;
this.principal = principal;
}
public Subject getSubject() {
return subject;
}
public Principal getUserPrincipal() {
return principal;
}
public boolean isUserInRole(String role, Scope scope) {
try {
boolean member = Agent.getInstance().isMemberOfGroup(principal.sessionid, role);
if (!member) {
// System.err.println("Warning: User: " + principal.sessionid + " was not a member of role: " + role);
}
return member;
} catch (PTException e) {
// e.printStackTrace();
return false;
}
}
}
IdentityService identService = new DefaultIdentityService();
public UserIdentity login(String username, Object credentials) {
return login(username, credentials, null);
}
public UserIdentity login(String user, Object credentials, ServletRequest request) {
if (Agent.getInstance().isValid(user)) {
PPPrincipal principal = new PPPrincipal(user);
Subject subject = new Subject();
subject.getPrincipals().add(principal);
return new PPUserIdentity(subject, principal);
}
return null;
}
public boolean validate(UserIdentity useridentity) {
if (useridentity instanceof PPUserIdentity) {
return Agent.getInstance().isValid(((PPUserIdentity) useridentity).principal.sessionid);
}
return false;
}
public void setIdentityService(IdentityService identityservice) {
identService = identityservice;
}
public String getName() {
return "Ceptor Security Realm";
}
public IdentityService getIdentityService() {
return identService;
}
public void logout(UserIdentity useridentity) {
if (useridentity instanceof PPUserIdentity) {
try {
Agent.getInstance().logoff(((PPUserIdentity) useridentity).principal.sessionid);
} catch (PTException e) {
}
}
}
}
And then create the following jetty-web.xml in your WEB-INF folder:
Sample jetty-web.xml
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE Configure PUBLIC "-//Jetty/Configure//EN" "http://www.eclipse.org/jetty/configure.dtd"> <Configure class="org.eclipse.jetty.webapp.WebAppContext"> <Get name="securityHandler"> <Set name="loginService"><New class="io.ceptor.jetty.LoginService"></New></Set> </Get> </Configure>
, multiple selections available,
Related content
Integrating with Tomcat
Integrating with Tomcat
More like this
Integrating with JBoss
Integrating with JBoss
More like this
Integrating with Glassfish
Integrating with Glassfish
More like this
Integrating with IBM WebSphere
Integrating with IBM WebSphere
More like this
Integrating with Oracle WebLogic
Integrating with Oracle WebLogic
More like this
Ceptor SOAP WebServices
Ceptor SOAP WebServices
More like this
© Ceptor ApS. All Rights Reserved.