Tips for implementing a custom JAAS login module for Jetty

1) jetty-web.xml

You can gather all Jetty-specific settings in the file WEB-INF/jetty-web.xml. Remember to also specify the paths of the role principal classes if you use your own classes for that.

Example jetty-web.xml file:

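<!-- Jetty specific config file -->
<!-- Tell jetty where to find login config -->
<Call name="setProperty">
	<Arg>*NAME OF THE LOGIN CONFIG PROPERTY*</Arg>
	<Arg>*PATH TO YOUR LOGIN CONFIG FILE*</Arg>
</Call>
<!-- Bug fix for Jetty to properly handle login config in a per-project setup -->
<Set name="serverClasses">
	<Array type="java.lang.String">
		<Item>*SERVER CLASS PATTERN*</Item>
	</Array>
</Set>
<!-- Create login realm -->
<Get name="securityHandler">
	<Set name="userRealm">
		<New class="*JAAS USER REALM CLASS*">
			<Set name="name">*NAME OF YOUR REALM*</Set>
			<Set name="LoginModuleName">*NAME OF YOUR LOGIN CLASS*</Set>
			<Set name="roleClassNames">
				<Array type="java.lang.String">
					<Item>*NAME OF YOUR ROLE PRINCIPAL CLASS*</Item>
				</Array>
			</Set>
		</New>
	</Set>
</Get>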

2) Adding roles to a user in commit

When you want to give a user roles (like admin, moderator, etc.), you can add them to the user once he or she is authenticated and commit is called:

	public boolean commit() throws LoginException {
		MyUserPrincipal user = new MyUserPrincipal("username");
		//Add logged in user as first principal
		subject.getPrincipals().add( user );
		//Add roles for the logged in user
		subject.getPrincipals().add( new MyGroupPrincipal("admin") );
		subject.getPrincipals().add( new MyGroupPrincipal("moderator") );
		//Tell JAAS that this module's commit succeeded
		return true;
	}
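
An added example, not code from the original page: a complete LoginModule built around the commit() above, which grants the user and role principals only after login() has succeeded and removes them again in abort() and logout(). The class name MyLoginModule, the nested principal records (nested only to keep the example self-contained), the ROLES table and the demo password are constructed stand-ins, and records assume Java 16 or later.

```java
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
public class MyLoginModule implements LoginModule {
	// Assumed shape of the page's principal classes (their source is not shown there).
	record MyUserPrincipal(String name) implements Principal { public String getName() { return name; } }
	record MyGroupPrincipal(String name) implements Principal { public String getName() { return name; } }
	// Constructed sample data standing in for a real credential store and role lookup.
	private static final Map<String, List<String>> ROLES = Map.of("alice", List.of("admin", "moderator"));
	private static final char[] DEMO_PASSWORD = "constructed-demo-password".toCharArray();

	private Subject subject;
	private CallbackHandler handler;
	private String authenticatedUser; // set only by a successful login()
	private final List<Principal> added = new ArrayList<>(); // what commit() granted

	public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) { subject = s; handler = h; }

	public boolean login() throws LoginException {
		NameCallback name = new NameCallback("user");
		PasswordCallback pass = new PasswordCallback("password", false);
		try { handler.handle(new Callback[] { name, pass }); }
		catch (Exception e) { throw new LoginException("cannot read credentials: " + e); }
		String user = name.getName();
		boolean ok = user != null && ROLES.containsKey(user) && Arrays.equals(DEMO_PASSWORD, pass.getPassword());
		pass.clearPassword(); // do not keep the password in memory longer than needed
		if (!ok) throw new FailedLoginException("bad credentials");
		authenticatedUser = user;
		return true;
	}

	public boolean commit() {
		if (authenticatedUser == null) return false; // login() failed: grant nothing
		added.add(new MyUserPrincipal(authenticatedUser)); // user principal first, then roles
		for (String role : ROLES.get(authenticatedUser)) added.add(new MyGroupPrincipal(role));
		subject.getPrincipals().addAll(added);
		return true;
	}
	public boolean abort() { return authenticatedUser != null && logout(); }
	public boolean logout() { // remove exactly the principals this module added
		subject.getPrincipals().removeAll(added);
		added.clear();
		authenticatedUser = null;
		return true;
	}
}
```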