Instructions for enabling password protection of cargo-jetty-7-and-onwards-deployer.war are incomplete

Description

cargo-jetty-7-and-onwards-deployer.war ships with no password protection. Instructions for enabling security are documented here:

https://codehaus-cargo.github.io/cargo/Jetty+Remote+Deployer.html

The instructions say to "Uncomment the part of web.xml that says Uncomment in order to activate security."

The instructions don't mention that you must also add stuff to jetty-web.xml. I added this, to enable password protection:

Activity

Show:
S. Ali Tokmen
January 13, 2016, 7:53 AM

Hi Todd

In that documentation it is assumed the security realm would be configured on a server level, and not webapp level - That's what Jetty called "globally scoped security realm" in http://www.eclipse.org/jetty/documentation/current/configuring-security-authentication.html#d0e5513

What do you think is best? Shall we mention this and give a link or make a more complex example?

Thank you

Todd Hivnor
January 13, 2016, 5:08 PM

The link you provided about how to define a security realm is great. It is the missing clue, in Jetty+Remote+Deployer.html

I would recommend just adding a new step to Jetty+Remote+Deployer.html:

4. Define a security realm. This can be per-webapp or global. See http://www.eclipse.org/jetty/documentation/current/configuring-security-authentication.html#d0e5513

S. Ali Tokmen
January 13, 2016, 7:14 PM

Hi Todd

Thanks https://codehaus-cargo.atlassian.net/wiki/display/CARGO/Jetty+Remote+Deployer is now updated, but it will have to be rendered first so that'll take time to become public.

Regards

Assignee

S. Ali Tokmen

Reporter

Todd Hivnor

Components

Fix versions

Affects versions

Priority

Medium
Configure