Setup Meecrowave BASIC security by configuration
Being able to setup very quickly a light http server with BASIC security enables to quickly share document between teams. Let see how to do it with Apache Meecrowave.
The first step is to bundle your application/resources in meecrowave. This can be done from a lot of manner but using its maven plugin is quite quick:
<plugin>
<groupId>org.apache.meecrowave</groupId>
<artifactId>meecrowave-maven-plugin</artifactId>
<version>1.2.10</version>
<executions>
<execution>
<id>bundle</id>
<phase>package</phase>
<goals>
<goal>bundle</goal>
</goals>
<configuration>
<webapp>${project.build.directory}/my-resources</webapp>
</configuration>
</execution>
</executions>
</plugin>
Now if you run mvn package
, a zip will be created in target containing a Meecrowave distribution with your folder my-resources
served.
The next step is to secure it with BASIC authentication.
Personally I do it in meecrowave.properties
- but there are programmatic or other configuration mecanism if you prefer like a plain CLI options based one.
Since I’m using the maven plugin I will create meecrowave.properties
in src/main/meecrowave/conf
folder.
The in its content I will setup the basic login method, add a logged security constraint on the webapp and register my users:
(1)
login=
login.authMethod=BASIC
login.realmName=Secured Area
(2)
securityConstraint=
securityConstraint.authConstraint=true
securityConstraint.authRole=**
securityConstraint.collection=secured:/*
(3)
users.the-name=the-password
1 | The login config enables a basic authenticator on the web application |
2 | The security contraint binds on / for all methods (since no explicit method is set) as requiring the role * which means "user is logged in" |
3 | The user the-name will use the password the-password |
the password can be ciphered with standard Meecrowave mechanism if needed. |
Now rebundle your distribution (mvn package
), extract it and run it (./bin/meecrowave.sh run
) and to access to your webapp you will need to enter a valid user credentials :).
From the same author:
In the same category: