@ComponentProfile(summary="allows use of org.eclipse.jetty.security.HashLoginService to authenticate users", tag="jetty,authentication") public class HashLoginServiceFactory extends LoginServiceFactoryImpl
HashLoginService
for use with Jetty.
This simply exposes the Jetty HashLoginService as Interlok configuration. The documentation from the eclipse jetty site should always be considered canonical. The HashLoginService is a realm whose authentication and authorization information is stored in a properties file. Each line in the file contains a username, a password, and zero or more role assignments. The format is
username: password[,rolename ...]
username: password[,rolename ...]
where:
If you need to secure the passwords in your properties file then you can follow the
jetty documentation to obfuscate/hash the password. Note that the CRYPT
style is
based on Unix Crypt which is considered weak and insecure (you probably shouldn't be using it).
$ java -cp ./lib/jetty-util.jar org.eclipse.jetty.util.security.Password myusername MySuperSecretPassword
OBF:1o4o1zly1rhf1zst1y0s1vu91uvk1ldu1w1c1sot1y7z1sox1w261ldo1uum1vv11y0y1zsx1riz1zlk1o5y
MD5:d418c3e96fb98e73fd603a8b6134edda
CRYPT:my8hdCDBVkNU.
In the adapter configuration file this class is aliased as jetty-hash-login-service which is the preferred alternative to the fully qualified classname when building your configuration.
Constructor and Description |
---|
HashLoginServiceFactory() |
HashLoginServiceFactory(java.lang.String realm,
java.lang.String filename) |
Modifier and Type | Method and Description |
---|---|
org.eclipse.jetty.security.LoginService |
retrieveLoginService() |
getFilename, getUserRealm, setFilename, setUserRealm, validateFilename, withFilename, withUserRealm