在Jetty中配置hawtio安全性。登录失败，因为没有为hawtio配置LoginModules

Question

我试图为在Jetty中运行的hawtio配置安全性。

我遵循了这里指令，但是当我尝试验证时，我在日志中得到了错误

警告: qtp28021517-18 \x登录失败，到期为空

没什么好说的。

日志也没有显示任何明显的东西。我唯一能想到的就是启用调试日志，这是我在jetty容器上做的，但是它对hawtio输出没有任何影响。

[jetty@ip-10-187-44-108 etc]$ tail -500f /opt/web/mybase/logs/2014_12_05.stderrout.log
2014-12-05 14:46:09.519:INFO:oejs.Server:main: jetty-9.2.5.v20141112
2014-12-05 14:46:09.541:INFO:oejdp.ScanningAppProvider:main: Deployment monitor [file:/opt/web/mybase/webapps/] at interval 1
2014-12-05 14:46:11.037:INFO:oejw.StandardDescriptorProcessor:main: NO JSP Support for /hawtio, did not find org.apache.jasper.servlet.JspServlet
INFO  | main | Configuration will be discovered via system properties
INFO  | main | Welcome to hawtio 1.4.37 : http://hawt.io/ : Don't cha wish your console was hawt like me? ;-)
INFO  | main | Using file upload directory: /opt/jetty/temp/uploads
WARN  | main | No ConfigFacade constructed yet so using default configuration for now
INFO  | main | hawtio using config directory: /opt/jetty/temp/.hawtio/config
INFO  | main | Performing a pull in git repository /opt/jetty/temp/.hawtio/config on remote URL: https://github.com/hawtio/hawtio-config.git. Subsequent pull attempts will use debug logging
WARN  | main | Local JVM discovery disabled as this JVM cannot access com.sun.tools.attach.VirtualMachine due to: com/sun/tools/attach/VirtualMachine
INFO  | main | Starting hawtio authentication filter, JAAS realm: "hawtio" authorized role(s): "admin" role principal classes: ""
2014-12-05 14:46:12.551:INFO:hawtio:main: jolokia-agent: Using access restrictor classpath:/jolokia-access.xml
2014-12-05 14:46:12.629:INFO:oejsh.ContextHandler:main: Started o.e.j.w.WebAppContext@16e8792{/hawtio,file:/opt/jetty/temp/jetty-0.0.0.0-8282-hawtio.war-_hawtio-any-3488744180783766801.dir/webapp/,AVAILABLE}{/hawtio.war}
2014-12-05 14:46:12.643:INFO:oejs.ServerConnector:main: Started ServerConnector@466d6c{HTTP/1.1}{0.0.0.0:8282}
2014-12-05 14:46:12.643:INFO:oejs.Server:main: Started @3786ms
WARN  | qtp28021517-18 | Login failed due null

Answer 1

我们开始在应用程序中嵌入Hawtio，但发现它对构建有点敏感，并且存在库问题。因此，在应用程序的命令行中更容易使用Jolokia代理，我们希望在单独的tomcat容器中监视和使用Hawtio文件。然后，您可以使用标准Tomcat安全性。