Thank you for your response Simone. Simone: How do you plan to make this machine-to-machine interaction? Jim: The requesting machine will submit a REST request. Our questions concern authentication. 1. Specifically, how would the client machine submit a request to the Jetty server in such a way that the sender could be authenticated with LDAP? 2. How would the Jetty server be configured so that incoming requests would be authenticated with LDAP, but the username/password would be obtained from the request? That is, since a machine is submitting the request and not an interactive user, we cannot have a login dialog pop up to obtain the username/password. The username/password must instead be embedded in the request itself. NOTE: LDAP-based authentication is not an absolute requirement - we could instead use certificate-based authentication. But regardless of whether LDAP or a certificate is used, the question remains, how to configure Jetty to perform the authentication when the request comes from a machine rather than an interactive user?
Simone: Are you using an HTTP client to make requests? Jim: HTTPS (I assume, due to authentication requirements). Jim Gregoric Message: 1 Date: Thu, 19 May 2016 13:02:35 +0000 From: "Gregoric, James" <[email protected]> To: "[email protected]" <[email protected]> Subject: [jetty-users] M2M authentication on Jetty Message-ID: <[email protected]> Content-Type: text/plain; charset="us-ascii" Dear Jetty Community, We would like to provide an in-house group of users access to our Solr database in a way that meets the following specifications: 1. Use the Jetty web service that Solr 6.0 installs by default. 2. Provide an M2M (machine-to-machine) interface, so a user can setup a cron job that periodically executes a query and stores the results. 3. Authentication credentials for the M2M interface to the Jetty service are provided by an LDAP service so it is possible to log who is accessing what data. 4. Result data retrieved from Solr (result UIDs) and passed back to the caller via Jetty are recorded by SPLUNK. Can you offer advice and/or point us to a working example of any of these specification items? Here's what we have so far: A. Completed item 1 above. We've installed Solr 6.0 with Jetty on a Linux VM and it works great. B. Partially addressed item 3 above in that we can login to Jetty using LDAP. However, our implementation is such that the login credentials are input interactively (via a login dialog). We don't yet know how to perform this login from machine to machine. This is the main sticking point right now. Any insight you might provide would be greatly appreciated. Regards, Jim Gregoric Boston Children's Hospital, Clinical Research Informatics -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://urldefense.proofpoint.com/v2/url?u=https-3A__dev.eclipse.org_mailman_private_jetty-2Dusers_attachments_20160519_c2209e9d_attachment.html&d=CwICAg&c=qS4goWBT7poplM69zy_3xhKwEW14JZMSdioCoppxeFU&r=a1pzhqEDruwS4U_330LJvhI7xc_jF-rLeXWg82Ysqyh1J0JMpZkHfoq4WcirSZtm&m=Vz54g8AncKBbc-0EcxspoZmpfAbzclEJax6SNtvVq2Y&s=y4CZtddGgVb9PJgB-uFPGEI1ZVII7W7Wu7JcJOInhFI&e= > ------------------------------ Message: 2 Date: Thu, 19 May 2016 16:00:51 +0200 From: Simone Bordet <[email protected]> To: JETTY user mailing list <[email protected]> Subject: Re: [jetty-users] M2M authentication on Jetty Message-ID: <cafwmrj0hyvrsqsya3r2mncxcy79nkwqy2fyeewbgbuqikep...@mail.gmail.com> Content-Type: text/plain; charset=UTF-8 Hi, On Thu, May 19, 2016 at 3:02 PM, Gregoric, James <[email protected]> wrote: > B. Partially addressed item 3 above in that we can login to Jetty using > LDAP. However, our implementation is such that the login credentials > are input interactively (via a login dialog). We don?t yet know how > to perform this login from machine to machine. This is the main > sticking point right now. How do you plan to make this machine-to-machine interaction ? Are you using a HTTP client to make requests ? -- Simone Bordet ---- https://urldefense.proofpoint.com/v2/url?u=http-3A__cometd.org&d=CwICAg&c=qS4goWBT7poplM69zy_3xhKwEW14JZMSdioCoppxeFU&r=a1pzhqEDruwS4U_330LJvhI7xc_jF-rLeXWg82Ysqyh1J0JMpZkHfoq4WcirSZtm&m=Vz54g8AncKBbc-0EcxspoZmpfAbzclEJax6SNtvVq2Y&s=5bIdYv2WIMKOjBXrpxpWAHMxjREQeVrd4ouRHpJ5CJU&e= https://urldefense.proofpoint.com/v2/url?u=http-3A__webtide.com&d=CwICAg&c=qS4goWBT7poplM69zy_3xhKwEW14JZMSdioCoppxeFU&r=a1pzhqEDruwS4U_330LJvhI7xc_jF-rLeXWg82Ysqyh1J0JMpZkHfoq4WcirSZtm&m=Vz54g8AncKBbc-0EcxspoZmpfAbzclEJax6SNtvVq2Y&s=ak4TcjIDPjVkfyC4dQI_v80CePGYK2-YQGaFSQPNews&e= Developer advice, training, services and support from the Jetty & CometD experts. ------------------------------ Message: 3 Date: Thu, 19 May 2016 16:14:18 +0200 From: Peter Ondru?ka <[email protected]> To: JETTY user mailing list <[email protected]> Subject: [jetty-users] HTTP 2 with Simone Bordet Message-ID: <CAAo0nc5SxF=H9+KFMOK8PoPDF=hhm6yx28dh0f1n2f93mry...@mail.gmail.com> Content-Type: text/plain; charset="utf-8" https://urldefense.proofpoint.com/v2/url?u=https-3A__youtu.be_snE9TqGASas&d=CwICAg&c=qS4goWBT7poplM69zy_3xhKwEW14JZMSdioCoppxeFU&r=a1pzhqEDruwS4U_330LJvhI7xc_jF-rLeXWg82Ysqyh1J0JMpZkHfoq4WcirSZtm&m=Vz54g8AncKBbc-0EcxspoZmpfAbzclEJax6SNtvVq2Y&s=UHc58ouQVABqVT1yK6D2fQi4k2nTdEUkPeJqiwxd5SI&e= HTTP 2.0 is supposed to be the next big thing for the web, after the overwhelming success of HTTP 1.1. In this interview he examines the HTTP 2.0 protocol, what is the status of its specification, what features does it offer over HTTP 1.1, and how websites can benefit (in speed and money) from it. Bio: Simone Bordet is a Jetty Committer, the CometD project leader and works as Lead Architect at Webtide. Active open source developer, he founded and contributed to various open source projects such as Jetty, CometD, MX4J, Foxtrot, LiveTribe, and others. Simone has been technical speaker at various national and international conferences such as Devoxx, JavaOne, CodeMotion, etc., and is a co-lead of the Java User Group of Torino, Italy. Simone specializes in server-side multi-thread development, J2EE application development, in Comet technologies applied to web development, web network protocols (HTTP, WebSocket, SPDY, HTTP/2) and in high performance JVM tuning. Enjoy :) Maybe I just missed this on the list (so sorry about that). -- kaibo, s.r.o., ID 28435036, registered with the commercial register administered by the Municipal Court in Prague, section C, insert 141269. Registered office and postal address: kaibo, s.r.o., Kali?nick? 379/10, Prague 3, 130 00, Czech Republic. https://urldefense.proofpoint.com/v2/url?u=https-3A__www.kaibo.eu&d=CwICAg&c=qS4goWBT7poplM69zy_3xhKwEW14JZMSdioCoppxeFU&r=a1pzhqEDruwS4U_330LJvhI7xc_jF-rLeXWg82Ysqyh1J0JMpZkHfoq4WcirSZtm&m=Vz54g8AncKBbc-0EcxspoZmpfAbzclEJax6SNtvVq2Y&s=KHeMqd9yPK1MA_Gs084esoo6MtW6uPo9FedBu4mTTpQ&e= -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://urldefense.proofpoint.com/v2/url?u=https-3A__dev.eclipse.org_mailman_private_jetty-2Dusers_attachments_20160519_19171341_attachment.html&d=CwICAg&c=qS4goWBT7poplM69zy_3xhKwEW14JZMSdioCoppxeFU&r=a1pzhqEDruwS4U_330LJvhI7xc_jF-rLeXWg82Ysqyh1J0JMpZkHfoq4WcirSZtm&m=Vz54g8AncKBbc-0EcxspoZmpfAbzclEJax6SNtvVq2Y&s=b5Gsw_4U_Mka8QjSjeTRgDnLoIJAxq5xm4oYs14yFkE&e= > ------------------------------ Message: 4 Date: Thu, 19 May 2016 11:01:09 -0400 From: Jennifer Coston <[email protected]> To: [email protected] Subject: [jetty-users] How do I tell embedded jetty to scan for annotations? Message-ID: <ofcd730520.83f344f0-on85257fb8.004f38f6-85257fb8.00528...@raytheon.com> Content-Type: text/plain; charset="us-ascii" Hello, I am trying to configure embedded jetty so that it scans for the @WebListener annotation. I have added the Jetty-annotations library to my pom.xml file. From looking at this documentation, it looks like I also need to set metadata-complete to false. The problem is that most of the documentation references a web.xml or jetty.xml which I don't have. Is it possible to configure Jetty to scan for annotations without it? Is there a way I can configure the server to tell it where the @WebListener is? Here is the method where I am creating and configuring the server: public static void start() throws Exception { // Create Embedded Jetty server jettyServer = new Server(); // Configure for Http HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); http_config.setSecurePort(8443); http_config.setOutputBufferSize(32768); ServerConnector http = new ServerConnector(jettyServer, new HttpConnectionFactory(http_config)); http.setPort(HTTP_SERVER_PORT); http.setIdleTimeout(30000); jettyServer.addConnector(http); // Add ServletContextHandler ServletContextHandler servletContextHandler = new ServletContextHandler( ServletContextHandler.SESSIONS); servletContextHandler.setContextPath("/"); jettyServer.setHandler(servletContextHandler); // Add API Origin Filter servletContextHandler.addFilter( "com.my.company.swagger.api.util.ApiOriginFilter", "/*", EnumSet.of(DispatcherType.INCLUDE, DispatcherType.REQUEST)); // Setup API resources (Jersey) ServletHolder jerseyServlet = new ServletHolder(new ServletContainer()); jerseyServlet.setInitOrder(1); jerseyServlet.setInitParameter( "com.sun.jersey.spi.container.ContainerRequestFilters", "com.sun.jersey.api.container.filter.PostReplaceFilter"); jerseyServlet.setInitParameter( "com.sun.jersey.api.json.POJOMappingFeature", "true"); jerseyServlet .setInitParameter( ServerProperties.PROVIDER_PACKAGES, "io.swagger.jaxrs.json;io.swagger.jaxrs;io.swagger.jaxrs.listing;com.my.company.swagger.api"); jerseyServlet.setInitParameter (ServerProperties.WADL_FEATURE_DISABLE, "true"); jerseyServlet .setInitParameter( ServerProperties.PROVIDER_CLASSNAMES, "org.glassfish.jersey.filter.LoggingFilter;org.glassfish.jersey.media.multipart.MultiPartFeature"); servletContextHandler.addServlet(jerseyServlet, "/api/*"); jettyServer.setHandler(servletContextHandler); // Start the server jettyServer.start(); } And this is my class with the @WebListener package com.my.company.swagger.api.util; import io.swagger.jaxrs.config.BeanConfig; import javax.annotation.Resource; import javax.servlet.ServletContextEvent; import javax.servlet.ServletContextListener; import javax.servlet.annotation.WebListener; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @WebListener public class SwaggerInitializer implements ServletContextListener { private static final Logger LOGGER = LoggerFactory.getLogger (SwaggerInitializer.class); public void contextInitialized(ServletContextEvent servletContextEvent) { LOGGER.debug("######### Configuring Swagger with BeanConfig #########"); BeanConfig beanConfig = new BeanConfig(); beanConfig.setVersion( "1.0.0" ); beanConfig.setResourcePackage( "com.my.company.swagger.api" ); beanConfig.setBasePath( "https://urldefense.proofpoint.com/v2/url?u=http-3A__localhost-3A12043_api-2Ddocs&d=CwICAg&c=qS4goWBT7poplM69zy_3xhKwEW14JZMSdioCoppxeFU&r=a1pzhqEDruwS4U_330LJvhI7xc_jF-rLeXWg82Ysqyh1J0JMpZkHfoq4WcirSZtm&m=Vz54g8AncKBbc-0EcxspoZmpfAbzclEJax6SNtvVq2Y&s=JW8fGW4lpHPQ4wUOi1rCsq95KjXdOExNeD7CprT0DR4&e= " ); beanConfig.setDescription( "Hello World!" ); beanConfig.setTitle( "Swagger Test Server" ); beanConfig.setScan( true ); } public void contextDestroyed(ServletContextEvent servletContextEvent) { } } Thank you! Jennifer -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://urldefense.proofpoint.com/v2/url?u=https-3A__dev.eclipse.org_mailman_private_jetty-2Dusers_attachments_20160519_e51ccfdf_attachment.html&d=CwICAg&c=qS4goWBT7poplM69zy_3xhKwEW14JZMSdioCoppxeFU&r=a1pzhqEDruwS4U_330LJvhI7xc_jF-rLeXWg82Ysqyh1J0JMpZkHfoq4WcirSZtm&m=Vz54g8AncKBbc-0EcxspoZmpfAbzclEJax6SNtvVq2Y&s=QVTI_mancifGtSz9hnY0_uEU1k7PzHX-UqSucdYTh0w&e= > ------------------------------ _______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://urldefense.proofpoint.com/v2/url?u=https-3A__dev.eclipse.org_mailman_listinfo_jetty-2Dusers&d=CwICAg&c=qS4goWBT7poplM69zy_3xhKwEW14JZMSdioCoppxeFU&r=a1pzhqEDruwS4U_330LJvhI7xc_jF-rLeXWg82Ysqyh1J0JMpZkHfoq4WcirSZtm&m=Vz54g8AncKBbc-0EcxspoZmpfAbzclEJax6SNtvVq2Y&s=Z-TMW-WpJmGO8eiyYvFLEwc5ocXJiLUH_AiRWx5wEKU&e= End of jetty-users Digest, Vol 84, Issue 20 ******************************************* _______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
