Menu
I am trying to configure an embedded Jetty webserver to use SPNEGO programatically (without xml).
I am trying to convert this: http://www.eclipse.org/jetty/documentation/current/spnego-support.html to a non-xml based configuration. Here is my attempt:
AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
// ...
String domainRealm = "MY.DOMAIN.COM";
Constraint constraint = new Constraint();
constraint.setName(Constraint.__SPNEGO_AUTH);
constraint.setRoles(new String[] { domainRealm });
constraint.setAuthenticate(true);
ConstraintMapping cm = new ConstraintMapping();
cm.setConstraint(constraint);
cm.setPathSpec("/*");
SpnegoLoginService loginService = new SpnegoLoginService();
loginService.setConfig(System.getProperty("spnego.properties"));
loginService.setName(domainRealm);
ConstraintSecurityHandler sh = new ConstraintSecurityHandler();
sh.setLoginService(loginService);
sh.setConstraintMappings(new ConstraintMapping[]{cm});
sh.setRealmName(domainRealm);
ServletContextHandler contextHandler = new ServletContextHandler();
contextHandler.setErrorHandler(new ErrorHandler() { }); // TODO
contextHandler.setContextPath(contextPath);
contextHandler.addServlet(new ServletHolder(new DispatcherServlet(context)), "/*");
contextHandler.addEventListener(new ContextLoaderListener(context));
contextHandler.setSecurityHandler(sh);
Server server = new Server(port);
server.setHandler(contextHandler);
However, it is trying to use basic authentication (base 64) when I hit the server.
Any ideas?
394
In your ConstraintSecurityHandler you need to set the authenticator to use to be SpnegoAuthenticator.
https://github.com/eclipse/jetty.project/blob/master/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
87
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
