Thanks Bruce and Jan Willem, I already use an HTTPContext (with the
whiteboard) for mime handling.
I will investigate further about handleSecurity.
The security stuff in web.xml involves several elements
(security-constraint, login-config, security-role), so I just wonder
whether I can replace all by playing with HTTPContext.
Btw, any suggestion to enforce basic authentication through a client
popup - asking user/pwd ?
Thanks,
Renzo
On 27/06/2014 11:52, Bruce Jackson wrote:
If you¹re using the http bundle inside Felix, you need to get a handle to
the HttpService interface.
This allows you to programatically bind servlets to the http server.
Alternatively if you¹re using OSGi DS, you need to register and export
components that implement javax.servlet.Servlet. These will be picked up
by the Jetty and bound as servlets using the DS property ³alias² to point
to your servlet path.
If you wish to create a custom security context, the base way to do this
is to create a components that implements
org.osgi.service.http.HttpContext and register this with DS specifying the
component property ³contextId². If you then add this same property (and
value) to the servlet you wish to secure, the handleSecurity method of
HttpContext will be called before when a request is made to your servlet,
and you can implement whatever security/auth method you like.
On 27/06/2014 09:06, "Renzo" <[email protected]> wrote:
Hi all,
I'm designing a Webdav application, using Felix and the HTTP service.
It's engineered as a servlet, where the Webdav part is done by Jakarta
Slide.
So far, so good, it works fine by accepting HTTP requests.
Now, I would configure the embedded Jetty server to enable
authentication. Basically, I want to configure the server through a
custom web.xml containing security-constraint and alike.
The point here is that I cannot find any way to retrieve the Jetty
server. I need it to apply a WebAppContext (setHandler), created at
runtime according to web.xml contents.
Thanks for any suggestion,
Renzo
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
*** DISCLAIMER ***
This message, including attachments, is intended solely for the addressee
indicated in this message and is strictly confidential or otherwise privileged.
If you are not the intended recipient (or responsible for delivery of the
message to such person) : - (1) please immediately (i) notify the sender by
reply email and (ii) delete this message and attachments, - (2) any use, copy
or dissemination of this transmission is strictly prohibited. If you or your
employer does not consent to Internet email messages of this kind, please
advise Myriad Group AG by reply e-mail immediately. Opinions, conclusions and
other information expressed in this message are not given or endorsed by Myriad
Group AG unless otherwise indicated by an authorized representative independent
of this message.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
