summaryrefslogtreecommitdiffstats
path: root/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/JettyServerProvider.java
diff options
context:
space:
mode:
Diffstat (limited to 'infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/JettyServerProvider.java')
-rw-r--r--infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/JettyServerProvider.java80
1 files changed, 80 insertions, 0 deletions
diff --git a/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/JettyServerProvider.java b/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/JettyServerProvider.java
new file mode 100644
index 000000000..6d055bf81
--- /dev/null
+++ b/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/JettyServerProvider.java
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.fd.honeycomb.infra.distro.restconf;
+
+import com.google.inject.Inject;
+import io.fd.honeycomb.infra.distro.ProviderTrait;
+import io.fd.honeycomb.infra.distro.cfgattrs.HoneycombConfiguration;
+import java.net.URL;
+import java.util.Collections;
+import org.eclipse.jetty.security.ConstraintMapping;
+import org.eclipse.jetty.security.ConstraintSecurityHandler;
+import org.eclipse.jetty.security.HashLoginService;
+import org.eclipse.jetty.security.authentication.BasicAuthenticator;
+import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.util.security.Constraint;
+import org.eclipse.jetty.util.security.Password;
+import org.eclipse.jetty.util.thread.QueuedThreadPool;
+import org.eclipse.jetty.webapp.WebAppContext;
+
+public final class JettyServerProvider extends ProviderTrait<Server> {
+
+ public static final String REALM = "HCRealm";
+
+ @Inject
+ private HoneycombConfiguration cfg;
+
+ @Override
+ protected Server create() {
+ Server server = new Server(new QueuedThreadPool(cfg.restPoolMaxSize.get(), cfg.restPoolMinSize.get()));
+
+
+ // Load Realm for basic auth
+ HashLoginService service = new HashLoginService(REALM);
+ // Reusing the name as role
+ service.putUser(cfg.username, new Password(cfg.password), new String[]{cfg.username});
+ server.addBean(service);
+
+ final URL resource = getClass().getResource("/");
+ WebAppContext webapp = new WebAppContext(resource.getPath(), cfg.restconfRootPath.get());
+
+ ConstraintSecurityHandler security = getBaseAuth(service, webapp);
+ server.setHandler(security);
+
+ return server;
+ }
+
+ private ConstraintSecurityHandler getBaseAuth(HashLoginService service, WebAppContext webapp) {
+ ConstraintSecurityHandler security = new ConstraintSecurityHandler();
+
+ Constraint constraint = new Constraint();
+ constraint.setName("auth");
+ constraint.setAuthenticate(true);
+ constraint.setRoles(new String[]{cfg.username});
+
+ ConstraintMapping mapping = new ConstraintMapping();
+ mapping.setPathSpec("/*");
+ mapping.setConstraint(constraint);
+
+ security.setConstraintMappings(Collections.singletonList(mapping));
+ security.setAuthenticator(new BasicAuthenticator());
+ security.setLoginService(service);
+
+ security.setHandler(webapp);
+ return security;
+ }
+}