diff --git a/src/main/java/com/github/rnewson/couchdb/lucene/CouchDBUserRealm.java b/src/main/java/com/github/rnewson/couchdb/lucene/CouchDBUserRealm.java new file mode 100644 index 0000000..f691b9c --- /dev/null +++ b/src/main/java/com/github/rnewson/couchdb/lucene/CouchDBUserRealm.java @@ -0,0 +1,56 @@ +package com.github.rnewson.couchdb.lucene; + +import java.security.Principal; + +import org.mortbay.jetty.Request; +import org.mortbay.jetty.security.UserRealm; + +import com.github.rnewson.couchdb.lucene.util.ErrorPreservingResponseHandler; + +final class CouchDBUserRealm implements UserRealm { + + private final Config config; + + public CouchDBUserRealm(final Config config) { + this.config = config; + } + + public Principal authenticate(final String username, + final Object credentials, final Request request) { + final HttpGet get = new HttpGet(config.) + return httpClient.execute(request, new ErrorPreservingResponseHandler()); + throw new UnsupportedOperationException("authenticate not supported!"); + } + + public void disassociate(final Principal user) { + } + + public String getName() { + return "CouchDB-Lucene"; + } + + public Principal getPrincipal(final String username) { + throw new UnsupportedOperationException("getPrincipal not supported!"); + } + + public boolean isUserInRole(final Principal user, final String role) { + throw new UnsupportedOperationException("isUserInRole not supported!"); + } + + public void logout(final Principal user) { + throw new UnsupportedOperationException("logout not supported!"); + } + + public Principal popRole(final Principal user) { + throw new UnsupportedOperationException("popRole not supported!"); + } + + public Principal pushRole(final Principal user, final String role) { + throw new UnsupportedOperationException("pushRole not supported!"); + } + + public boolean reauthenticate(final Principal user) { + throw new UnsupportedOperationException("reauthenticate not supported!"); + } + +} diff --git a/src/main/java/com/github/rnewson/couchdb/lucene/Main.java b/src/main/java/com/github/rnewson/couchdb/lucene/Main.java index b209b9d..55b1fe3 100644 --- a/src/main/java/com/github/rnewson/couchdb/lucene/Main.java +++ b/src/main/java/com/github/rnewson/couchdb/lucene/Main.java @@ -23,6 +23,10 @@ import org.mortbay.jetty.Connector; import org.mortbay.jetty.Handler; import org.mortbay.jetty.Server; import org.mortbay.jetty.nio.SelectChannelConnector; +import org.mortbay.jetty.security.Constraint; +import org.mortbay.jetty.security.ConstraintMapping; +import org.mortbay.jetty.security.SecurityHandler; +import org.mortbay.jetty.security.UserRealm; import org.mortbay.jetty.servlet.Context; import org.mortbay.jetty.servlet.FilterHolder; import org.mortbay.jetty.servlet.ServletHolder; @@ -52,11 +56,25 @@ public class Main { final LuceneServlet servlet = new LuceneServlet(config.getClient(), dir, config.getConfiguration()); - final Context context = new Context(server, "/", Context.NO_SESSIONS | Context.NO_SECURITY); + final Context context = new Context(server, "/"); context.addServlet(new ServletHolder(servlet), "/*"); context.addFilter(new FilterHolder(new GzipFilter()), "/*", Handler.DEFAULT); context.setErrorHandler(new JSONErrorHandler()); server.setHandler(context); + + final Constraint constraint = new Constraint(); + constraint.setName(Constraint.__BASIC_AUTH);; + constraint.setRoles(new String[]{"user","admin","moderator"}); + constraint.setAuthenticate(true); + + final ConstraintMapping constraintMapping = new ConstraintMapping(); + constraintMapping.setConstraint(constraint); + constraintMapping.setPathSpec("/*"); + + final SecurityHandler securityHandler = new SecurityHandler(); + securityHandler.setUserRealm(new CouchDBUserRealm(config)); + securityHandler.setConstraintMappings(new ConstraintMapping[]{constraintMapping}); + context.addHandler(securityHandler); server.start(); server.join();