Re: [jetty-users] Does Jetty Uses Session to Set the Principal in HTTP Request

2020-02-18 Thread Wang Yicheng 
Thanks Jan! The thing is, my project actually doesn't have any pages. So,
is it possible to have FORM authentication without login pages? Or does it
mean I should go with BASIC while create sessions myself?

On Mon, Feb 17, 2020 at 2:16 AM Jan Bartel  wrote:

> You need to set up what the authentication method is, ie the equivalent of
> the  in web.xml. The default is
> basic authentication. If you want to use sessions to maintain the
> authentication state, then configure FORM authentication, either in web.xml
> or by setting an instance of
> https://www.eclipse.org/jetty/javadoc/9.4.26.v20200117/org/eclipse/jetty/security/authentication/FormAuthenticator.html
> on the SecurityHandler.
>
> Jan
>
> On Mon, 10 Feb 2020 at 23:12, Wang Yicheng 
> wrote:
>
>> Thanks Joakim!
>>
>> Yes I do have a customized login module following JAAS spec. So it seems
>> the missing session is causing the problem. Then my question is: With
>> default configuration, does Jetty generate session automatically for
>> authenticated user? Or is my code responsible for doing that?
>>
>> I actually published another question here
>> 
>> which contains more details about my issue. Any help is highly appreciated!
>>
>> Best
>>
>> On Mon, Feb 10, 2020 at 1:11 PM Joakim Erdfelt 
>> wrote:
>>
>>> If using Servlet authentication (or JAAS) the principal would be set.
>>>
>>> If you are using a 3rd party web library (like spring) then odds are you
>>> are not integrating with Servlet security.
>>>
>>> Joakim Erdfelt / joa...@webtide.com
>>>
>>>
>>> On Mon, Feb 10, 2020 at 2:05 PM Yicheng Wang 
>>> wrote:
>>>
 Hi team,

 My question is as the subject state. My issue is the login request does
 have
 the principal by calling getUserPrincipal. But after logging in, the
 second
 request has a null principal. Besides, neither of the requests have
 sessions. So I'm wondering if Jetty uses session information to set the
 principal in HTTP request. Do appreciate your help!

 Best



 --
 Sent from: http://jetty.4.x6.nabble.com/Jetty-User-f3247280.html
 ___
 jetty-users mailing list
 jetty-users@eclipse.org
 To change your delivery options, retrieve your password, or unsubscribe
 from this list, visit
 https://www.eclipse.org/mailman/listinfo/jetty-users

>>> ___
>>> jetty-users mailing list
>>> jetty-users@eclipse.org
>>> To change your delivery options, retrieve your password, or unsubscribe
>>> from this list, visit
>>> https://www.eclipse.org/mailman/listinfo/jetty-users
>>
>> ___
>> jetty-users mailing list
>> jetty-users@eclipse.org
>> To change your delivery options, retrieve your password, or unsubscribe
>> from this list, visit
>> https://www.eclipse.org/mailman/listinfo/jetty-users
>
>
>
> --
> Jan Bartel 
> www.webtide.com
> *Expert assistance from the creators of Jetty and CometD*
>
> ___
> jetty-users mailing list
> jetty-users@eclipse.org
> To change your delivery options, retrieve your password, or unsubscribe
> from this list, visit
> https://www.eclipse.org/mailman/listinfo/jetty-users
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users

Re: [jetty-users] Modifying HTTP response content with a servlet filter

2020-02-18 Thread Peter Boughton 

Thanks Greg,

I'm fine with Jetty-specific features, so I'll take a look at using 
interceptors.


Seems BufferedResponseHandler has another example.
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users

Re: [jetty-users] Modifying HTTP response content with a servlet filter

2020-02-18 Thread Greg Wilkins 
The response wrapper approach is historically how such transformations were
done.  However it is a lot of boilerplate code, very easy to get wrong and
fails completely if the async IO API is used.

So another approach to consider is to use the jetty API for interceptors
(see GzipHandler for an example) that will work with any content source.
 Ultimately I'd like to propose a standards based approach for this in
Servlet-5.x, but it will be a while before such new features can be
considered because of the distraction of renaming everything to
jakarta.servlet.*

cheers








On Tue, 18 Feb 2020 at 12:55, Peter Boughton 
wrote:

> Hi,
>
> I need to modify the content of responses, so I'm writing a filter.
>
> I found a couple of different approaches here:
>
> https://stackoverflow.com/questions/14736328/looking-for-an-example-for-inserting-content-into-the-response-using-a-servlet-f#14736818
>
> The simpler solution from iTech works - but only when directly
> requesting a file.
>
> i.e. example.com/dir/index.html works, but example.com/dir/ returns the
> unmodified content of index.html
>
> The longer (accepted) solution works in both cases, so I'm guessing its
> convoluted use of getOutputStream/etc is somehow relevant to it working,
> but I don't see why the same file triggers different behaviour, just
> because it's going via the default/welcome file mechanism.
>
> Is it really necessary to jump through all those hoops in order to get
> and set response content, or am I missing some simpler way?
>
>
> Thanks,
>
> Peter
>
> ___
> jetty-users mailing list
> jetty-users@eclipse.org
> To change your delivery options, retrieve your password, or unsubscribe
> from this list, visit
> https://www.eclipse.org/mailman/listinfo/jetty-users
>


-- 
Greg Wilkins  CTO http://webtide.com
___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users

[jetty-users] Modifying HTTP response content with a servlet filter

2020-02-18 Thread Peter Boughton 

Hi,

I need to modify the content of responses, so I'm writing a filter.

I found a couple of different approaches here:
https://stackoverflow.com/questions/14736328/looking-for-an-example-for-inserting-content-into-the-response-using-a-servlet-f#14736818

The simpler solution from iTech works - but only when directly 
requesting a file.


i.e. example.com/dir/index.html works, but example.com/dir/ returns the 
unmodified content of index.html


The longer (accepted) solution works in both cases, so I'm guessing its 
convoluted use of getOutputStream/etc is somehow relevant to it working, 
but I don't see why the same file triggers different behaviour, just 
because it's going via the default/welcome file mechanism.


Is it really necessary to jump through all those hoops in order to get 
and set response content, or am I missing some simpler way?



Thanks,

Peter

___
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users