Examples of org.eclipse.jetty.util.security.Password

• org.eclipse.jetty.util.security.Password
  Password utility class. This utility class gets a password or pass phrase either by:

   + Password is set as a system property. + The password is prompted for and read from standard input + A program is run to get the password. 

  Passwords that begin with OBF: are de obfuscated. Passwords can be obfuscated by run org.eclipse.util.Password as a main class. Obfuscated password are required if a system needs to recover the full password (eg. so that it may be passed to another system). They are not secure, but prevent casual observation.

  Passwords that begin with CRYPT: are oneway encrypted with UnixCrypt. The real password cannot be retrieved, but comparisons can be made to other passwords. A Crypt can be generated by running org.eclipse.util.UnixCrypt as a main class, passing password and then the username. Checksum passwords are a secure(ish) way to store passwords that only need to be checked rather than recovered. Note that it is not strong security - specially if simple passwords are used.

   *         the user name and password
   */
  public static String[] createRealmProperty(final String username,
      final String password) {
    // http://wiki.eclipse.org/Jetty/Howto/Secure_Passwords
    final Password pw = new Password(password);
    final String obf = Password.obfuscate(pw.toString());
    final String digest = Credential.MD5.digest(pw.toString());
    final String crypt = Credential.Crypt.crypt(username, pw.toString());
    log.info(String.format(
        "Password: %1$s, Obfuscated: %2$s, Digest: %3$s, Crypt: %4$s",
        pw.toString(), obf, digest, crypt));
    return new String[] { pw.toString(), obf, digest, crypt };
  }

     */
    public void addWebApp( String context, String path ) throws IOException
    {
        // Set the default users and roles for the realm (note that realm name *must* match web.xml <realm-name>
        HashLoginService loginService = new HashLoginService( "JSPWikiRealm" );
        loginService.putUser( Users.ADMIN, new Password(Users.ADMIN_PASS), new String[] {"Authenticated", "Admin"} );
        loginService.putUser( Users.JANNE, new Password(Users.JANNE_PASS), new String[] {"Authenticated"} );

        WebAppContext webAppContext = new WebAppContext(path, context);

        // Add a security handler.
        SecurityHandler csh = new ConstraintSecurityHandler();

     */
    public void addWebApp( String context, String path ) throws IOException
    {
        // Set the default users and roles for the realm (note that realm name *must* match web.xml <realm-name>
        HashLoginService loginService = new HashLoginService( "JSPWikiRealm" );
        loginService.putUser( Users.ADMIN, new Password(Users.ADMIN_PASS), new String[] {"Authenticated", "Admin"} );
        loginService.putUser( Users.JANNE, new Password(Users.JANNE_PASS), new String[] {"Authenticated"} );

        WebAppContext webAppContext = new WebAppContext(path, context);

        // Add a security handler.
        SecurityHandler csh = new ConstraintSecurityHandler();

     */
    public void addWebApp( String context, String path ) throws IOException
    {
        // Set the default users and roles for the realm (note that realm name *must* match web.xml <realm-name>
        HashLoginService loginService = new HashLoginService( "JSPWikiRealm" );
        loginService.putUser( Users.ADMIN, new Password(Users.ADMIN_PASS), new String[] {"Authenticated", "Admin"} );
        loginService.putUser( Users.JANNE, new Password(Users.JANNE_PASS), new String[] {"Authenticated"} );

        WebAppContext webAppContext = new WebAppContext(path, context);

        // Add a security handler.
        SecurityHandler csh = new ConstraintSecurityHandler();

        ContextHandler _context = new ContextHandler();
        SessionHandler _session = new SessionHandler();

        HashLoginService _loginService = new HashLoginService(TEST_REALM);
        _loginService.putUser("user0", new Password("password"), new String[]{});
        _loginService.putUser("user",new Password("password"), new String[] {"user"});
        _loginService.putUser("user2",new Password("password"), new String[] {"user"});
        _loginService.putUser("admin",new Password("password"), new String[] {"user","administrator"});
        _loginService.putUser("user3", new Password("password"), new String[] {"foo"});


        _context.setContextPath("/ctx");
        _server.setHandler(_context);
        _context.setHandler(_session);

        ContextHandler context = new ContextHandler();
        SessionHandler session = new SessionHandler();

        HashLoginService loginService = new HashLoginService(TEST_REALM);
        loginService.putUser("user0",new Password("password"),new String[] {});
        loginService.putUser("user",new Password("password"),new String[] { "user" });
        loginService.putUser("user2",new Password("password"),new String[] { "user" });
        loginService.putUser("admin",new Password("password"),new String[] { "user", "administrator" });
        loginService.putUser("user3",new Password("password"),new String[] { "foo" });

        context.setContextPath("/ctx");
        context.setResourceBase(MavenTestingUtils.getTestResourceDir("docroot").getAbsolutePath());
        server.setHandler(context);
        context.setHandler(session);

        ContextHandler _context = new ContextHandler();
        _session = new SessionHandler();

        HashLoginService _loginService = new HashLoginService(TEST_REALM);
        _loginService.putUser("fred",new Password("password"));
        _loginService.putUser("harry",new Password("password"), new String[] {"HOMEOWNER"});
        _loginService.putUser("chris",new Password("password"), new String[] {"CONTRACTOR"});
        _loginService.putUser("steven", new Password("password"), new String[] {"SALESCLERK"});


        _context.setContextPath("/ctx");
        _server.setHandler(_context);
        _context.setHandler(_session);

            ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SECURITY);
            context.setContextPath("/test");
            context.addServlet(PostServlet.class,"/");

            HashLoginService realm = new HashLoginService("test");
            realm.putUser("testuser",new Password("password"),new String[]{"test"});
            _server.addBean(realm);

            ConstraintSecurityHandler security=(ConstraintSecurityHandler)context.getSecurityHandler();
            security.setAuthenticator(new DigestAuthenticator());
            security.setLoginService(realm);

        return null;
      }

      @Override
      protected void loadUsers() throws IOException {
        putUser(username, new Password(password), new String[] { role });
      }
    };

    ConstraintMapping cm = new ConstraintMapping();
    cm.setConstraint(new Constraint());

            final String username = principal == null ? "clientcert" : principal.getName();
            // TODO no idea if this is correct
            final String password = new String(B64Code.encode(certs[0].getSignature()));

            // TODO is cert_auth correct?
            if (login(clientSubject, username, new Password(password), Constraint.__CERT_AUTH, messageInfo)) { return AuthStatus.SUCCESS; }

            if (!isMandatory(messageInfo)) { return AuthStatus.SUCCESS; }
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "The provided client certificate does not correspond to a trusted user.");
            return AuthStatus.SEND_FAILURE;
        }