Jetty webserver security

Question

I have a website powered by Jetty.

I\'d like to make the site password protected (or similar).

Is there a way to do this by configuration alone (without touc

Answer 1

I found the example that the jetty distribution provides quite helpful. To use basic auth using user accounts from a text file look at your {jetty.home}/demo-base/etc directory. Copy these two files to your {jetty.base}/etc folder: realm.properties, test-realm.xml

Jetty won't properly load these files unless you tell it to. This can be done by adding the following text to the start.ini or any *.ini file in your {jetty.base}/start.d folder:

# Create and configure the test realm
etc/test-realm.xml
jetty.demo.realm=etc/realm.properties

Finally, create a web.xml file (if not done already) and insert the example provided by @sstendal/@Torsten in their earlier answer. It uses the same real name as within the demo-base example from the jetty distribution so it should work. Restart jetty and try to access any of your web resources. Your browser or client should ask you for credentials. User user/password for example.