...
| Code Block |
|---|
<nowiki>http://localhost:44440/jobscheduler/engine-cpp/</nowiki><show_state/> |
Jetty configuration samples
user authentication with a properties file
Beside the Simple user authentication provided by the jetty plugin you can use a more complex authentification method described by the jetty configuration. The sample below show you the use of the HashLoginService, a mechanism whose authentication and authorization information is stored in a properties file.
First make sure, that your plugin declaration in scheduler.xml does not contain any authentification information:
| Code Block |
|---|
<plugins>
<plugin java_class="com.sos.scheduler.engine.plugins.jetty.JettyPlugin">
<plugin.config />
</plugin>
...
</plugins>
|
In the second step you should define the HashLoginService in your jetty configuration (jetty.xml) as a user realm. That means that you have to configure at least the location of the properties file containing the user information (userid, password, roles) and give them a name (here myRealm).
| Code Block |
|---|
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">myRealm</Set>
<Set name="config"><SystemProperty name="jetty.home" default="." />/config/realm.properties</Set>
<Set name="refreshInterval">0</Set>
</New>
</Arg>
</Call>
|
The properties file config/realm.properties contains one or more user definitions, e.g.
| Code Block |
|---|
testuser: test, admin
|
Finally you have to configure a security constraint and assign your user realm myRealm to a login configuration. To do this you have to change your web.xml:
| Code Block |
|---|
<security-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
|
| Code Block |
|---|
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>myRealm</realm-name>
</login-config>
|