Community
Participate
Working Groups
Build Identifier: jetty-distribution-8.0.0.M1 Within a servlet doPost method a call to WebAppContext.getCurrentWebAppContext returns null. It should return the WebAppContext for the current servlet. As a quite ugly workaround one can use the following code snippet. WebAppContext.Context innerContext = ((WebAppContext.Context)jettyRequest.getContext()); Field outerClassField; try { outerClassField = WebAppContext.Context.class.getDeclaredField( "this$0" ); } catch (NoSuchFieldException e) { throw new RuntimeException( e ); } outerClassField.setAccessible( true ); WebAppContext outerContext; try { outerContext = (WebAppContext)outerClassField.get( innerContext ); } catch (IllegalAccessException e) { throw new RuntimeException( e ); } Reproducible: Always
This is actually not specific to jetty-8, as the same behaviour occurs on jetty-7. I don't think that WebAppContext.getCurrentWebAppContext() is going to be guaranteed to work except during startup and shutdown of the context. Can you tell me what you're trying to achieve because maybe there's another way to do it? Jan
In this case there is just documentation missing I guess. I need to "manually" login within a servlet. HttpServletRequest.login would provide this functionality but unfortunately this isn't implemented in Jetty. I don't understand the Jetty authentication code well enough to provide a patch myself. In my workaround I need WebAppContext for the configured LoginService. My workaround looks like this. // jetty specific code Request jettyRequest = (Request)req; final String username = req.getParameter( FormAuthenticator.__J_USERNAME ); final String password = req.getParameter( FormAuthenticator.__J_PASSWORD ); WebAppContext.Context innerContext = ((WebAppContext.Context)jettyRequest.getContext()); Field outerClassField; try { outerClassField = WebAppContext.Context.class.getDeclaredField( "this$0" ); } catch (NoSuchFieldException e) { throw new RuntimeException( e ); } outerClassField.setAccessible( true ); WebAppContext outerContext; try { outerContext = (WebAppContext)outerClassField.get( innerContext ); } catch (IllegalAccessException e) { throw new RuntimeException( e ); } LoginService loginService = outerContext.getSecurityHandler().getLoginService(); UserIdentity user = loginService.login(username,password); if ( user != null ) { HttpSession session = req.getSession(true); Authenticator authenticator = new DummyAuthenticator(); Authentication authentication = new SessionAuthentication(session,authenticator,user); session.setAttribute( SessionAuthentication.__J_AUTHENTICATED, authentication ); jettyRequest.setAuthentication( authentication ); }else{ resp.sendError( HttpServletResponse.SC_UNAUTHORIZED ); }
Sebastian, If HttpServletRequest.login() from Servlet 3.0 is what you're after, then this is implemented in jetty-8. See http://download.eclipse.org/jetty/8.0.0.M2/dist/. If this solves your problem, then please close the issue. If not, then let us know why by commenting on this issue and we'll see what we can do. cheers Jan
Are you sure that this is implemented in 8.0.0.M2? In 8.0.0.M1 it didn't work and I see that DeferredAuthentication.login is still an empty method with a TODO comment. See Bug 324505.
Sebastian, Working on a fix for jetty-8 now. We're planning another milestone release within the next 2 weeks, but I'll let you know when the fix is in svn anyway. cheers Jan (In reply to comment #4) > Are you sure that this is implemented in 8.0.0.M2? In 8.0.0.M1 it didn't work > and I see that DeferredAuthentication.login is still an empty method with a > TODO comment. See Bug 324505.
Sebastian, We've implemented the login method for jetty-8. Please see https://bugs.eclipse.org/bugs/show_bug.cgi?id=324505 for details of svn rev number. It would be appreciated if you could test this in your setup. thanks Jan
I'm closing this issue as the real issue is captured by https://bugs.eclipse.org/bugs/show_bug.cgi?id=324505. Jan
