Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #6554 - create the DefaultIdentityService even if no realmName is provided 

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
This commit is contained in:
Lachlan Roberts 2021-09-02 12:12:51 +10:00
parent 525fcb3119
commit 7e91d34177
3 changed files with 98 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
jetty-security/src/main/java/org/eclipse/jetty/security/DefaultAuthenticatorFactory.java
View File

@ -58,7 +58,7 @@ public class DefaultAuthenticatorFactory implements Authenticator.Factory
String auth = configuration.getAuthMethod(); String auth = configuration.getAuthMethod();
Authenticator authenticator = null; Authenticator authenticator = null;
if (auth == null || Constraint.__BASIC_AUTH.equalsIgnoreCase(auth)) if (Constraint.__BASIC_AUTH.equalsIgnoreCase(auth))
authenticator = new BasicAuthenticator(); authenticator = new BasicAuthenticator();
else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(auth)) else if (Constraint.__DIGEST_AUTH.equalsIgnoreCase(auth))
authenticator = new DigestAuthenticator(); authenticator = new DigestAuthenticator();

13
jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
View File

@ -312,9 +312,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
return getServer().getBean(IdentityService.class); return getServer().getBean(IdentityService.class);
} }
/**
*
*/
@Override @Override
protected void doStart() protected void doStart()
throws Exception throws Exception
@ -353,11 +350,8 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
if (_identityService == null) if (_identityService == null)
{ {
if (_realmName != null) setIdentityService(new DefaultIdentityService());
{ manage(_identityService);
setIdentityService(new DefaultIdentityService());
manage(_identityService);
}
} }
else else
unmanage(_identityService); unmanage(_identityService);
@ -371,7 +365,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
throw new IllegalStateException("LoginService has different IdentityService to " + this); throw new IllegalStateException("LoginService has different IdentityService to " + this);
} }
if (_authenticator == null && _identityService != null) if (_authenticator == null)
{ {
// If someone has set an authenticator factory only use that, otherwise try the list of discovered factories. // If someone has set an authenticator factory only use that, otherwise try the list of discovered factories.
if (_authenticatorFactory != null) if (_authenticatorFactory != null)
@ -418,7 +412,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
} }
@Override @Override
protected void doStop() throws Exception protected void doStop() throws Exception
{ {
//if we discovered the services (rather than had them explicitly configured), remove them. //if we discovered the services (rather than had them explicitly configured), remove them.

94
jetty-security/src/test/java/org/eclipse/jetty/security/DefaultIdentityServiceTest.java Normal file
View File

@ -0,0 +1,94 @@
//
// ========================================================================
// Copyright (c) 1995-2021 Mort Bay Consulting Pty Ltd and others.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.security;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.Server;
import org.junit.jupiter.api.Test;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.instanceOf;
public class DefaultIdentityServiceTest
{
@Test
public void testDefaultIdentityService() throws Exception
{
Server server = new Server();
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
TestAuthenticator authenticator = new TestAuthenticator();
securityHandler.setAuthenticator(authenticator);
try
{
server.setHandler(securityHandler);
server.start();
// The DefaultIdentityService should have been created by default.
assertThat(securityHandler.getIdentityService(), instanceOf(DefaultIdentityService.class));
assertThat(authenticator.getIdentityService(), instanceOf(DefaultIdentityService.class));
}
finally
{
server.stop();
}
}
public static class TestAuthenticator implements Authenticator
{
private IdentityService _identityService;
public IdentityService getIdentityService()
{
return _identityService;
}
@Override
public void setConfiguration(AuthConfiguration configuration)
{
_identityService = configuration.getIdentityService();
}
@Override
public String getAuthMethod()
{
return getClass().getSimpleName();
}
@Override
public void prepareRequest(ServletRequest request)
{
}
@Override
public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException
{
return null;
}
@Override
public boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, Authentication.User validatedUser) throws ServerAuthException
{
return false;
}
}
}