下面列出了org.springframework.boot.web.servlet.server.ServletWebServerFactory#org.apache.tomcat.util.descriptor.web.SecurityConstraint 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
private void setUpDigest(Tomcat tomcat) throws Exception {
// Must have a real docBase for webapps - just use temp
Context ctxt = tomcat.addContext(CONTEXT_PATH_DIGEST,
System.getProperty("java.io.tmpdir"));
ctxt.setSessionTimeout(SHORT_TIMEOUT_SECS);
// Add protected servlet
Tomcat.addServlet(ctxt, "TesterServlet3", new TesterServlet());
ctxt.addServletMappingDecoded(URI_PROTECTED, "TesterServlet3");
SecurityCollection collection = new SecurityCollection();
collection.addPatternDecoded(URI_PROTECTED);
SecurityConstraint sc = new SecurityConstraint();
sc.addAuthRole(ROLE);
sc.addCollection(collection);
ctxt.addConstraint(sc);
// Configure the appropriate authenticator
LoginConfig lc = new LoginConfig();
lc.setAuthMethod("DIGEST");
ctxt.setLoginConfig(lc);
ctxt.getPipeline().addValve(new DigestAuthenticator());
}
private List<io.undertow.servlet.api.SecurityConstraint> getSecurityConstraints() {
List<io.undertow.servlet.api.SecurityConstraint> undertowSecurityConstraints = new ArrayList<io.undertow.servlet.api.SecurityConstraint>();
for (KeycloakSpringBootProperties.SecurityConstraint constraintDefinition : keycloakProperties.getSecurityConstraints()) {
io.undertow.servlet.api.SecurityConstraint undertowSecurityConstraint = new io.undertow.servlet.api.SecurityConstraint();
undertowSecurityConstraint.addRolesAllowed(constraintDefinition.getAuthRoles());
for (KeycloakSpringBootProperties.SecurityCollection collectionDefinition : constraintDefinition.getSecurityCollections()) {
WebResourceCollection webResourceCollection = new WebResourceCollection();
webResourceCollection.addHttpMethods(collectionDefinition.getMethods());
webResourceCollection.addHttpMethodOmissions(collectionDefinition.getOmittedMethods());
webResourceCollection.addUrlPatterns(collectionDefinition.getPatterns());
undertowSecurityConstraint.addWebResourceCollections(webResourceCollection);
}
undertowSecurityConstraints.add(undertowSecurityConstraint);
}
return undertowSecurityConstraints;
}
@Test
public void testCombineConstraints04() throws IOException {
// Allowed roles should be the union of the roles in the constraints
// * is any app role
// User role is not in any constraint
List<String> userRoles = new ArrayList<>();
List<String> constraintOneRoles = new ArrayList<>();
List<String> constraintTwoRoles = new ArrayList<>();
List<String> applicationRoles = new ArrayList<>();
userRoles.add(ROLE99);
constraintOneRoles.add(ROLE1);
constraintTwoRoles.add(SecurityConstraint.ROLE_ALL_ROLES);
applicationRoles.add(ROLE2);
applicationRoles.add(ROLE3);
doRoleTest(userRoles, constraintOneRoles, constraintTwoRoles,
applicationRoles, false);
}
@Test
public void testCombineConstraints05() throws IOException {
// Allowed roles should be the union of the roles in the constraints
// * is any app role
// User role is a non-app constraint role
List<String> userRoles = new ArrayList<>();
List<String> constraintOneRoles = new ArrayList<>();
List<String> constraintTwoRoles = new ArrayList<>();
List<String> applicationRoles = new ArrayList<>();
userRoles.add(ROLE1);
constraintOneRoles.add(ROLE1);
constraintTwoRoles.add(SecurityConstraint.ROLE_ALL_ROLES);
applicationRoles.add(ROLE2);
applicationRoles.add(ROLE3);
doRoleTest(userRoles, constraintOneRoles, constraintTwoRoles,
applicationRoles, true);
}
@Test
public void testCombineConstraints06() throws IOException {
// Allowed roles should be the union of the roles in the constraints
// * is any app role
// User role is an app role
List<String> userRoles = new ArrayList<>();
List<String> constraintOneRoles = new ArrayList<>();
List<String> constraintTwoRoles = new ArrayList<>();
List<String> applicationRoles = new ArrayList<>();
userRoles.add(ROLE2);
constraintOneRoles.add(ROLE1);
constraintTwoRoles.add(SecurityConstraint.ROLE_ALL_ROLES);
applicationRoles.add(ROLE2);
applicationRoles.add(ROLE3);
doRoleTest(userRoles, constraintOneRoles, constraintTwoRoles,
applicationRoles, true);
}
@Test
public void testCombineConstraints07() throws IOException {
// Allowed roles should be the union of the roles in the constraints
// * is any app role
// User has no role
List<String> userRoles = new ArrayList<>();
List<String> constraintOneRoles = new ArrayList<>();
List<String> constraintTwoRoles = new ArrayList<>();
List<String> applicationRoles = new ArrayList<>();
constraintOneRoles.add(ROLE1);
constraintTwoRoles.add(SecurityConstraint.ROLE_ALL_ROLES);
applicationRoles.add(ROLE2);
applicationRoles.add(ROLE3);
doRoleTest(userRoles, constraintOneRoles, constraintTwoRoles,
applicationRoles, false);
}
@Test
public void testCombineConstraints08() throws IOException {
// Allowed roles should be the union of the roles in the constraints
// ** is any authenticated user
// User has no role
List<String> userRoles = new ArrayList<>();
List<String> constraintOneRoles = new ArrayList<>();
List<String> constraintTwoRoles = new ArrayList<>();
List<String> applicationRoles = new ArrayList<>();
constraintOneRoles.add(ROLE1);
constraintTwoRoles.add(SecurityConstraint.ROLE_ALL_AUTHENTICATED_USERS);
applicationRoles.add(ROLE2);
applicationRoles.add(ROLE3);
doRoleTest(userRoles, constraintOneRoles, constraintTwoRoles,
applicationRoles, true);
}
@Test
public void testCombineConstraints09() throws IOException {
// Allowed roles should be the union of the roles in the constraints
// ** is any authenticated user
// User has constraint role
List<String> userRoles = new ArrayList<>();
List<String> constraintOneRoles = new ArrayList<>();
List<String> constraintTwoRoles = new ArrayList<>();
List<String> applicationRoles = new ArrayList<>();
userRoles.add(ROLE1);
constraintOneRoles.add(ROLE1);
constraintTwoRoles.add(SecurityConstraint.ROLE_ALL_AUTHENTICATED_USERS);
applicationRoles.add(ROLE2);
applicationRoles.add(ROLE3);
doRoleTest(userRoles, constraintOneRoles, constraintTwoRoles,
applicationRoles, true);
}
@Test
public void testCombineConstraints10() throws IOException {
// Allowed roles should be the union of the roles in the constraints
// ** is any authenticated user
// User has app role
List<String> userRoles = new ArrayList<>();
List<String> constraintOneRoles = new ArrayList<>();
List<String> constraintTwoRoles = new ArrayList<>();
List<String> applicationRoles = new ArrayList<>();
userRoles.add(ROLE2);
constraintOneRoles.add(ROLE1);
constraintTwoRoles.add(SecurityConstraint.ROLE_ALL_AUTHENTICATED_USERS);
applicationRoles.add(ROLE2);
applicationRoles.add(ROLE3);
doRoleTest(userRoles, constraintOneRoles, constraintTwoRoles,
applicationRoles, true);
}
@Test
public void testCombineConstraints11() throws IOException {
// Allowed roles should be the union of the roles in the constraints
// ** is any authenticated user
// User is not authenticated
List<String> constraintOneRoles = new ArrayList<>();
List<String> constraintTwoRoles = new ArrayList<>();
List<String> applicationRoles = new ArrayList<>();
constraintOneRoles.add(ROLE1);
constraintTwoRoles.add(SecurityConstraint.ROLE_ALL_AUTHENTICATED_USERS);
applicationRoles.add(ROLE2);
applicationRoles.add(ROLE3);
doRoleTest(null, constraintOneRoles, constraintTwoRoles,
applicationRoles, false);
}
@Test
public void testCombineConstraints16() throws IOException {
// Allowed roles should be the union of the roles in the constraints
// Constraint with empty auth section prevents all access
// User has matching role
List<String> userRoles = new ArrayList<>();
List<String> constraintOneRoles = new ArrayList<>();
List<String> constraintTwoRoles = new ArrayList<>();
List<String> applicationRoles = new ArrayList<>();
userRoles.add(ROLE1);
constraintTwoRoles.add(SecurityConstraint.ROLE_ALL_ROLES);
applicationRoles.add(ROLE1);
doRoleTest(userRoles, constraintOneRoles, constraintTwoRoles,
applicationRoles, false);
}
@Test
public void testCombineConstraints17() throws IOException {
// Allowed roles should be the union of the roles in the constraints
// Constraint with empty auth section prevents all access
// User matches all authenticated users
List<String> userRoles = new ArrayList<>();
List<String> constraintOneRoles = new ArrayList<>();
List<String> constraintTwoRoles = new ArrayList<>();
List<String> applicationRoles = new ArrayList<>();
userRoles.add(ROLE1);
constraintTwoRoles.add(SecurityConstraint.ROLE_ALL_AUTHENTICATED_USERS);
applicationRoles.add(ROLE1);
doRoleTest(userRoles, constraintOneRoles, constraintTwoRoles,
applicationRoles, false);
}
@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector){
TomcatServletWebServerFactory tomcat=new TomcatServletWebServerFactory(){
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint=new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection=new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(connector);
return tomcat;
}
@Bean
TomcatServletWebServerFactory tomcatServletWebServerFactory() {
TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint constraint = new SecurityConstraint();
constraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
constraint.addCollection(collection);
context.addConstraint(constraint);
}
};
factory.addAdditionalTomcatConnectors(createTomcatConnector());
return factory;
}
/**
* 配置内置的Servlet容器工厂为Tomcat
* @return
*/
@Bean
public ServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
//添加配置信息,主要是Http的配置信息
tomcat.addAdditionalTomcatConnectors(redirectConnector());
return tomcat;
}
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
if (environment.getProperty("server.ssl.enabled", Boolean.class, Boolean.FALSE)) {
SecurityConstraint constraint = new SecurityConstraint();
constraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
constraint.addCollection(collection);
context.addConstraint(constraint);
} else {
super.postProcessContext(context);
}
}
};
if (environment.getProperty("server.ssl.enabled", Boolean.class, Boolean.FALSE)) {
tomcat.addAdditionalTomcatConnectors(httpConnector());
}
return tomcat;
}
@Bean
public ServletWebServerFactory servletContainer() {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(redirectConnector());
return tomcat;
}
@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector) {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(connector);
return tomcat;
}
@Bean
public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector) {
TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(connector);
return tomcat;
}
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
// SecurityConstraint必须存在,可以通过其为不同的URL设置不同的重定向策略。
SecurityConstraint constraint = new SecurityConstraint();
constraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
constraint.addCollection(collection);
context.addConstraint(constraint);
}
};
tomcat.addAdditionalTomcatConnectors(httpConnector());
return tomcat;
}
@Bean
public EmbeddedServletContainerFactory servletContainer() {
if (https) {
TomcatEmbeddedServletContainerFactory tomcat =
new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(initiateHttpConnector());
return tomcat;
}
return new TomcatEmbeddedServletContainerFactory();
}
private void addSecurityConstraint(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
collection.addMethod("HEAD");
collection.addMethod("PUT");
collection.addMethod("DELETE");
collection.addMethod("OPTIONS");
collection.addMethod("TRACE");
collection.addMethod("COPY");
collection.addMethod("SEARCH");
collection.addMethod("PROPFIND");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(initiateHttpConnector());
return tomcat;
}
/**
* Validate the usage of security role names in the web application
* deployment descriptor. If any problems are found, issue warning
* messages (for backwards compatibility) and add the missing roles.
* (To make these problems fatal instead, simply set the <code>ok</code>
* instance variable to <code>false</code> as well).
*/
protected void validateSecurityRoles() {
// Check role names used in <security-constraint> elements
SecurityConstraint constraints[] = context.findConstraints();
for (int i = 0; i < constraints.length; i++) {
String roles[] = constraints[i].findAuthRoles();
for (int j = 0; j < roles.length; j++) {
if (!"*".equals(roles[j]) &&
!context.findSecurityRole(roles[j])) {
log.warn(sm.getString("contextConfig.role.auth", roles[j]));
context.addSecurityRole(roles[j]);
}
}
}
// Check role names used in <servlet> elements
Container wrappers[] = context.findChildren();
for (int i = 0; i < wrappers.length; i++) {
Wrapper wrapper = (Wrapper) wrappers[i];
String runAs = wrapper.getRunAs();
if ((runAs != null) && !context.findSecurityRole(runAs)) {
log.warn(sm.getString("contextConfig.role.runas", runAs));
context.addSecurityRole(runAs);
}
String names[] = wrapper.findSecurityReferences();
for (int j = 0; j < names.length; j++) {
String link = wrapper.findSecurityReference(names[j]);
if ((link != null) && !context.findSecurityRole(link)) {
log.warn(sm.getString("contextConfig.role.link", link));
context.addSecurityRole(link);
}
}
}
}
/**
* Return the security constraints for this web application.
* If there are none, a zero-length array is returned.
* @return a string array with a representation of each
* security constraint
* @throws MBeanException propagated from the managed resource access
*/
public String[] findConstraints() throws MBeanException {
Context context = doGetManagedResource();
SecurityConstraint[] constraints = context.findConstraints();
String[] stringConstraints = new String[constraints.length];
for (int counter = 0; counter < constraints.length; counter++) {
stringConstraints[counter] = constraints[counter].toString();
}
return stringConstraints;
}
/**
* Convert an ArrayList to a SecurityConstraint [].
*/
private SecurityConstraint [] resultsToArray(
ArrayList<SecurityConstraint> results) {
if(results == null || results.size() == 0) {
return null;
}
SecurityConstraint [] array = new SecurityConstraint[results.size()];
results.toArray(array);
return array;
}
private void setUpNonLogin(Tomcat tomcat) throws Exception {
// Must have a real docBase for webapps - just use temp
Context ctxt = tomcat.addContext(CONTEXT_PATH_NOLOGIN,
System.getProperty("java.io.tmpdir"));
ctxt.setSessionTimeout(LONG_TIMEOUT_SECS);
// Add protected servlet
Tomcat.addServlet(ctxt, "TesterServlet1", new TesterServlet());
ctxt.addServletMappingDecoded(URI_PROTECTED, "TesterServlet1");
SecurityCollection collection1 = new SecurityCollection();
collection1.addPatternDecoded(URI_PROTECTED);
SecurityConstraint sc1 = new SecurityConstraint();
sc1.addAuthRole(ROLE);
sc1.addCollection(collection1);
ctxt.addConstraint(sc1);
// Add unprotected servlet
Tomcat.addServlet(ctxt, "TesterServlet2", new TesterServlet());
ctxt.addServletMappingDecoded(URI_PUBLIC, "TesterServlet2");
SecurityCollection collection2 = new SecurityCollection();
collection2.addPatternDecoded(URI_PUBLIC);
SecurityConstraint sc2 = new SecurityConstraint();
// do not add a role - which signals access permitted without one
sc2.addCollection(collection2);
ctxt.addConstraint(sc2);
// Configure the appropriate authenticator
LoginConfig lc = new LoginConfig();
lc.setAuthMethod("NONE");
ctxt.setLoginConfig(lc);
ctxt.getPipeline().addValve(new NonLoginAuthenticator());
}
private void setUpNonLogin() throws Exception {
// Must have a real docBase for webapps - just use temp
nonloginContext = tomcat.addContext(CONTEXT_PATH_NOLOGIN,
System.getProperty("java.io.tmpdir"));
nonloginContext.setSessionTimeout(LONG_SESSION_TIMEOUT_MINS);
// Add protected servlet to the context
Tomcat.addServlet(nonloginContext, "TesterServlet1",
new TesterServletEncodeUrl());
nonloginContext.addServletMappingDecoded(URI_PROTECTED, "TesterServlet1");
SecurityCollection collection1 = new SecurityCollection();
collection1.addPatternDecoded(URI_PROTECTED);
SecurityConstraint sc1 = new SecurityConstraint();
sc1.addAuthRole(ROLE);
sc1.addCollection(collection1);
nonloginContext.addConstraint(sc1);
// Add unprotected servlet to the context
Tomcat.addServlet(nonloginContext, "TesterServlet2",
new TesterServletEncodeUrl());
nonloginContext.addServletMappingDecoded(URI_PUBLIC, "TesterServlet2");
SecurityCollection collection2 = new SecurityCollection();
collection2.addPatternDecoded(URI_PUBLIC);
SecurityConstraint sc2 = new SecurityConstraint();
// do not add a role - which signals access permitted without one
sc2.addCollection(collection2);
nonloginContext.addConstraint(sc2);
// Configure the authenticator and inherit the Realm from Engine
LoginConfig lc = new LoginConfig();
lc.setAuthMethod("NONE");
nonloginContext.setLoginConfig(lc);
AuthenticatorBase nonloginAuthenticator = new NonLoginAuthenticator();
nonloginContext.getPipeline().addValve(nonloginAuthenticator);
}
private void setUpLogin() throws Exception {
// Must have a real docBase for webapps - just use temp
basicContext = tomcat.addContext(CONTEXT_PATH_LOGIN,
System.getProperty("java.io.tmpdir"));
basicContext.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS);
// Add protected servlet to the context
Tomcat.addServlet(basicContext, "TesterServlet3",
new TesterServletEncodeUrl());
basicContext.addServletMappingDecoded(URI_PROTECTED, "TesterServlet3");
SecurityCollection collection = new SecurityCollection();
collection.addPatternDecoded(URI_PROTECTED);
SecurityConstraint sc = new SecurityConstraint();
sc.addAuthRole(ROLE);
sc.addCollection(collection);
basicContext.addConstraint(sc);
// Add unprotected servlet to the context
Tomcat.addServlet(basicContext, "TesterServlet4",
new TesterServletEncodeUrl());
basicContext.addServletMappingDecoded(URI_PUBLIC, "TesterServlet4");
SecurityCollection collection2 = new SecurityCollection();
collection2.addPatternDecoded(URI_PUBLIC);
SecurityConstraint sc2 = new SecurityConstraint();
// do not add a role - which signals access permitted without one
sc2.addCollection(collection2);
basicContext.addConstraint(sc2);
// Configure the authenticator and inherit the Realm from Engine
LoginConfig lc = new LoginConfig();
lc.setAuthMethod("BASIC");
basicContext.setLoginConfig(lc);
AuthenticatorBase basicAuthenticator = new BasicAuthenticator();
basicContext.getPipeline().addValve(basicAuthenticator);
}
private void setUpNonLogin() throws Exception {
// Must have a real docBase for webapps - just use temp
nonloginContext = tomcat.addContext(CONTEXT_PATH_NOLOGIN,
System.getProperty("java.io.tmpdir"));
// Add protected servlet to the context
Tomcat.addServlet(nonloginContext, "TesterServlet1", new TesterServlet());
nonloginContext.addServletMappingDecoded(URI_PROTECTED, "TesterServlet1");
SecurityCollection collection1 = new SecurityCollection();
collection1.addPatternDecoded(URI_PROTECTED);
SecurityConstraint sc1 = new SecurityConstraint();
sc1.addAuthRole(ROLE);
sc1.addCollection(collection1);
nonloginContext.addConstraint(sc1);
// Add unprotected servlet to the context
Tomcat.addServlet(nonloginContext, "TesterServlet2", new TesterServlet());
nonloginContext.addServletMappingDecoded(URI_PUBLIC, "TesterServlet2");
SecurityCollection collection2 = new SecurityCollection();
collection2.addPatternDecoded(URI_PUBLIC);
SecurityConstraint sc2 = new SecurityConstraint();
// do not add a role - which signals access permitted without one
sc2.addCollection(collection2);
nonloginContext.addConstraint(sc2);
// Configure the authenticator and inherit the Realm from Engine
LoginConfig lc = new LoginConfig();
lc.setAuthMethod("NONE");
nonloginContext.setLoginConfig(lc);
AuthenticatorBase nonloginAuthenticator = new NonLoginAuthenticator();
nonloginContext.getPipeline().addValve(nonloginAuthenticator);
}