I am trying to configure an embedded Jetty webserver to use SPNEGO programatically (without xml).
I am trying to convert this: http://www.eclipse.org/jetty/documentation/current/spnego-support.html to a non-xml based configuration. Here is my attempt:
AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
// ...
String domainRealm = "MY.DOMAIN.COM";
Constraint constraint = new Constraint();
constraint.setName(Constraint.__SPNEGO_AUTH);
constraint.setRoles(new String[] { domainRealm });
constraint.setAuthenticate(true);
ConstraintMapping cm = new ConstraintMapping();
cm.setConstraint(constraint);
cm.setPathSpec("/*");
SpnegoLoginService loginService = new SpnegoLoginService();
loginService.setConfig(System.getProperty("spnego.properties"));
loginService.setName(domainRealm);
ConstraintSecurityHandler sh = new ConstraintSecurityHandler();
sh.setLoginService(loginService);
sh.setConstraintMappings(new ConstraintMapping[]{cm});
sh.setRealmName(domainRealm);
ServletContextHandler contextHandler = new ServletContextHandler();
contextHandler.setErrorHandler(new ErrorHandler() { }); // TODO
contextHandler.setContextPath(contextPath);
contextHandler.addServlet(new ServletHolder(new DispatcherServlet(context)), "/*");
contextHandler.addEventListener(new ContextLoaderListener(context));
contextHandler.setSecurityHandler(sh);
Server server = new Server(port);
server.setHandler(contextHandler);
However, it is trying to use basic authentication (base 64) when I hit the server.
Any ideas?
In your ConstraintSecurityHandler you need to set the authenticator to use to be SpnegoAuthenticator.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.