I2P Address: [http://git.idk.i2p]

Skip to content
Snippets Groups Projects
Commit 9ecfda01 authored by jrandom's avatar jrandom Committed by zzz
Browse files

added basic HTTP authentication for accessing the router console (if a... 

added basic HTTP authentication for accessing the router console (if a consolePassword is specified in the router.config)
unfortunately, this password setting is only read on router startup...
parent b89e26c4
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
apps/routerconsole/java/src/net/i2p/router/web/RouterConsoleRunner.java
+ 51
2
View file @ 9ecfda01
package net.i2p.router.web; package net.i2p.router.web;
import java.io.IOException; import java.io.IOException;
import java.util.List;
import net.i2p.router.RouterContext;
import org.mortbay.jetty.Server; import org.mortbay.jetty.Server;
import org.mortbay.jetty.servlet.WebApplicationContext;
import org.mortbay.http.handler.SecurityHandler;
import org.mortbay.http.HashUserRealm;
import org.mortbay.http.HttpRequest;
import org.mortbay.http.SecurityConstraint;
import org.mortbay.util.MultiException; import org.mortbay.util.MultiException;
public class RouterConsoleRunner { public class RouterConsoleRunner {
private Server _server; private Server _server;
private String _listenPort = "7657"; private String _listenPort = "7657";
private String _listenHost = "0.0.0.0"; private String _listenHost = "127.0.0.1";
private String _webAppsDir = "./webapps/"; private String _webAppsDir = "./webapps/";
public RouterConsoleRunner(String args[]) { public RouterConsoleRunner(String args[]) {
...@@ -25,10 +34,15 @@ public class RouterConsoleRunner { ...@@ -25,10 +34,15 @@ public class RouterConsoleRunner {
public void startConsole() { public void startConsole() {
_server = new Server(); _server = new Server();
WebApplicationContext contexts[] = null;
try { try {
_server.addListener(_listenHost + ':' + _listenPort); _server.addListener(_listenHost + ':' + _listenPort);
_server.setRootWebApp("routerconsole"); _server.setRootWebApp("routerconsole");
_server.addWebApplications(_webAppsDir); contexts = _server.addWebApplications(_webAppsDir);
if (contexts != null) {
for (int i = 0; i < contexts.length; i++)
initialize(contexts[i]);
}
} catch (IOException ioe) { } catch (IOException ioe) {
ioe.printStackTrace(); ioe.printStackTrace();
} }
...@@ -39,6 +53,41 @@ public class RouterConsoleRunner { ...@@ -39,6 +53,41 @@ public class RouterConsoleRunner {
} }
} }
private void initialize(WebApplicationContext context) {
String password = getPassword();
if (password != null) {
HashUserRealm realm = new HashUserRealm();
realm.put("admin", password);
realm.addUserToRole("admin", "routerAdmin");
context.setRealm(realm);
context.addHandler(0, new SecurityHandler());
SecurityConstraint constraint = new SecurityConstraint("admin", "routerAdmin");
constraint.setAuthenticate(true);
context.addSecurityConstraint("/", constraint);
}
}
private String getPassword() {
List contexts = RouterContext.listContexts();
if (contexts != null) {
for (int i = 0; i < contexts.size(); i++) {
RouterContext ctx = (RouterContext)contexts.get(i);
String password = ctx.getProperty("consolePassword");
if (password != null) {
password = password.trim();
if (password.length() > 0) {
return password;
}
}
}
// no password in any context
return null;
} else {
// no contexts?!
return null;
}
}
public void stopConsole() { public void stopConsole() {
try { try {
_server.stop(); _server.stop();
......
installer/java/src/router.config.template
+ 9
0
View file @ 9ecfda01
...@@ -160,6 +160,15 @@ clientApp.2.args=-nocli -e "config localhost ##_router_i2cp_port##" -e "httpclie ...@@ -160,6 +160,15 @@ clientApp.2.args=-nocli -e "config localhost ##_router_i2cp_port##" -e "httpclie
#clientApp.3.main=net.i2p.router.web.RouterConsoleRunner #clientApp.3.main=net.i2p.router.web.RouterConsoleRunner
#clientApp.3.name=webConsole #clientApp.3.name=webConsole
#clientApp.3.args=7657 127.0.0.1 ./webapps/ #clientApp.3.args=7657 127.0.0.1 ./webapps/
#clientApp.3.onBoot=true
# To require simple HTTP authentication for accessing any of the pages underneath the web console
# (including any other webapps deployed), uncomment the following line and set the password
# accordingly (the username is 'admin'). If the following is commented out, or is blank, then
# no password will be required, and anyone will be able to access your router console (and change
# settings, etc). This is only used for the new jetty console (started in clientApp.3.* above)
#
#consolePassword=fooBarBaz
# Network monitor (harvests data from the network database and stores it under # Network monitor (harvests data from the network database and stores it under
# monitorData/, and with the netviewer GUI you can browse through its results) # monitorData/, and with the netviewer GUI you can browse through its results)
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Base32 Address: [http://7qeve4v2chmjdqlwpa3vl7aojf3nodbku7vepnjwrsxljzqipz6a.b32.i2p] Onion Address: [http://47ggr2fa3vnwfyhvgskzdmr3i32eijwymxohtxsls45dulmriwxszjad.onion]