It is easy to get this to work in Tomcat, Jetty should be similar...
In Tomcat all you nee is two things:
1. A JDBC realm defined in server.xml
<Realm debug="1"
className="org.apache.catalina.realm.JDBCRealm"
connectionURL="jdbc:postgresql://db.host.path/device"
connectionName="db_user"
connectionPassword="db_pass"
driverName="org.postgresql.Driver"
roleNameCol="role"
userCredCol="password"
userNameCol="username"
userRoleTable="authentication_table"
userTable="authentication_table"/>
2. A role in web.xml
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>My App</realm-name>
</login-config>
<security-role>
<description>Users</description>
<role-name>user</role-name>
</security-role>
I recall jetty is similar but used an external properties file, there is also a
directive you can try if you use Maven: In your pom try:
<userRealms>
<userRealm
implementation="org.mortbay.jetty.security.JDBCUserRealm">
<name>
Authentication
JDBC Realm
</name>
<config>some_properties_file</config>
</userRealm>
</userRealms>
but I have not used this before.
Peter
----- Original Message -----
From: "Luther Baker" <lutherba...@gmail.com>
To: "Tapestry users" <users@tapestry.apache.org>
Sent: Monday, 9 March, 2009 04:55:54 GMT +02:00 Athens, Beirut, Bucharest,
Istanbul
Subject: jetty, tapestry and realms
Do Maven, Jetty, Realms and Tapestry play nice out of the box?
App works just fine without any of the following - but after adding the
below, I'm getting an error and I'm not sure what I'm missing. The error
sure looks like it is *partly* working ... "FORBIDDEN" but the browser is
NOT prompting me with a browser popup defined by
<auth-method>BASIC</auth-method>.
Thoughts?
Thanks,
-Luther
HTTP ERROR 403
Problem accessing /notebook/Home. Reason:
FORBIDDEN
------------------------------
*Powered by Jetty://
*
*web.xml*
<security-constraint>
<web-resource-collection>
<web-resource-name>basic-notebook-auth</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint/>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>*notebook-realm*</realm-name>
</login-config>
*pom.xml*
<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>maven-jetty-plugin</artifactId>
<configuration>
<contextPath>notebook</contextPath>
<connectors>
<connector
implementation="org.mortbay.jetty.nio.SelectChannelConnector">
<port>9090</port>
<maxIdleTime>60000</maxIdleTime>
</connector>
</connectors>
<userRealms>
<userRealm
implementation="org.mortbay.jetty.security.HashUserRealm">
<name>*notebook-realm*</name>
<config>
src/main/config/jetty/notebook-hash-user-realm.properties</config>
</userRealm>
*src/main/config/jetty/notebook-hash-user-realm.properties*
#
# This file defines users passwords and roles for a HashUserRealm
#
# The format is
# <username>: <password>[,<rolename> ...]
#
# Passwords may be clear text, obfuscated or checksummed. The class
# org.mortbay.util.Password should be used to generate obfuscated
# passwords or password checksums
#
testuser: secretpassword
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
