Custom Jetty authenticator

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Custom Jetty authenticator


I am trying to implement a custom authenticator for Jetty. The idea is to
decode a custom HTTP header
and extract from there some credentials that I will validate in a custom
JAAS LoginModule

I did the following:

1 - I created a Web application bundle with a web.xml in which the
auth-method is set to "custom" and
     realm is set to "my-realm" and I chose "rest" as the context root
2 - I registered via blueprint a custom login module for realm "my-realm"
3 - I created a custom implementation of Authenticator by extending
     The intention is that my authenticator will extract credentials from a
HTTP header and will
     perform a login passing in input a dummy username and the token
extracted from the HTTP header as
     the credential, then the custom login module will ignore username, will
decode the token and will
     eventually accept the login (assuming a valid token), adding to the
Subject the right user and role
4 - I registered the custom authenticator in jetty.xml for my "/rest" web
app as in the example below

I don't understand why, but the Web application always fails to be deployed
with an error complaining
that BasicAuthenticator cannot find a LoginService. This is happening even
if I am not registering any
BasicAuthenticator, and despite the fact that as already mentioned the
auth-method in web.xml is set to "custom", not "BASIC".
Could anyone help me or point me to an example?
Thanks in advance.

Sent from: