Merge pull request #24862 from arjantijms/8.0

Latest 8.0 updates and commits from master

appserver/pom.xml

@@ -97,12 +97,12 @@
 
         <!-- Jakarta Security + Authentication/Authorization -->
         <!-- APIs -->
-        <jakarta.security-api.version>4.0.0-M1</jakarta.security-api.version>
-        <jakarta.authorization-api.version>3.0.0-M1</jakarta.authorization-api.version>
+        <jakarta.security-api.version>4.0.0-M2</jakarta.security-api.version>
+        <jakarta.authorization-api.version>3.0.0-M2</jakarta.authorization-api.version>
         <jakarta.authentication-api.version>3.1.0-M1</jakarta.authentication-api.version>
         <!-- Implementations -->
-        <soteria.version>4.0.0-M1</soteria.version>
-        <exousia.version>3.0.0-M1.1</exousia.version>
+        <soteria.version>4.0.0-M2</soteria.version>
+        <exousia.version>3.0.0-M2</exousia.version>
         <epicyro.version>3.1.0-M1</epicyro.version>
         <!-- Dependencies -->
         <nimbus.version>9.38-rc3</nimbus.version>
@@ -158,7 +158,7 @@
 
         <!-- MicroProfile Config -->
         <microprofile.config-api.version>3.1</microprofile.config-api.version>
-        <helidon-config.version>4.0.5</helidon-config.version>
+        <helidon-config.version>4.0.6</helidon-config.version>
 
         <!-- MicroProfile JWT / JWT Authentication Mechanism for Jakarta Security -->
         <microprofile-jwt-auth-api.version>2.1</microprofile-jwt-auth-api.version>

appserver/tests/application/src/test/java/org/glassfish/main/test/app/security/defaultp2r/DefaultP2RAuthTest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023 Eclipse Foundation and/or its affiliates. All rights reserved.
+ * Copyright (c) 2023, 2024 Eclipse Foundation and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
@@ -25,7 +25,7 @@
 
 import java.io.File;
 import java.lang.System.Logger;
-import java.net.URL;
+import java.net.URI;
 import org.glassfish.main.itest.tools.GlassFishTestEnvironment;
 import org.glassfish.main.itest.tools.HttpClient10;
 import org.glassfish.main.itest.tools.HttpClient10.HttpResponse;
@@ -94,16 +94,20 @@ public static void cleanup() {
 
     @Test
     void p2rEnabled() throws Exception {
+        LOG.log(INFO, "Running p2rEnabled");
+
         assertThat(ASADMIN.exec("set", SERVER_CFG_PROPERTY + "=true"), asadminOK());
         assertThat(ASADMIN.exec("deploy", "--target", "server", warFile.getAbsolutePath()), asadminOK());
 
-        HttpClient10 client = new HttpClient10(new URL("http://localhost:8080/" + APP_NAME + "/TestServlet"),
+        HttpClient10 client = new HttpClient10(new URI("http://localhost:8080/" + APP_NAME + "/TestServlet").toURL(),
             USER_NAME, USER_PASSWORD);
+
         HttpResponse responseFoo = client.send("FOO", null);
         assertAll(
             () -> assertThat(responseFoo.responseLine, equalTo("HTTP/1.1 200 OK")),
             () -> assertThat(responseFoo.body, equalTo("doFoo with bobby"))
         );
+
         HttpResponse responseGet = client.send("GET", null);
         assertAll(
             () -> assertThat(responseGet.responseLine, equalTo("HTTP/1.1 200 OK")),
@@ -114,11 +118,14 @@ void p2rEnabled() throws Exception {
 
     @Test
     void p2rDisabled() throws Exception {
+        LOG.log(INFO, "Running p2rDisabled");
+
         assertThat(ASADMIN.exec("set", SERVER_CFG_PROPERTY + "=false"), asadminOK());
         assertThat(ASADMIN.exec("deploy", "--target", "server", warFile.getAbsolutePath()), asadminOK());
 
-        HttpClient10 client = new HttpClient10(new URL("http://localhost:8080/" + APP_NAME + "/TestServlet"),
+        HttpClient10 client = new HttpClient10(new URI("http://localhost:8080/" + APP_NAME + "/TestServlet").toURL(),
             USER_NAME, USER_PASSWORD);
+
         HttpResponse responseGet = client.send("GET", null);
         assertThat(responseGet.responseLine, equalTo("HTTP/1.1 403 Forbidden"));
     }

appserver/tests/application/src/test/java/org/glassfish/main/test/app/security/jmac/http/servlet/basic/HttpServletBasicAuthTest.java

@@ -63,7 +63,7 @@ public class HttpServletBasicAuthTest {
     private static File warFile;
     private static File keyFile;
 
-    private static File loginModuleFile;
+    private static File serverAuthModuleFile;
 
     @BeforeAll
     public static void prepareDeployment() {
@@ -75,12 +75,15 @@ public static void prepareDeployment() {
             asadminOK());
         createFileUser(FILE_REALM_NAME, USER_NAME, USER_PASSWORD, "mygroup");
 
-        JavaArchive loginModule = ShrinkWrap.create(JavaArchive.class).addClass(MyHttpServletResponseWrapper.class)
-            .addClass(HttpServletTestAuthModule.class).addClass(MyPrintWriter.class);
-        LOG.log(INFO, loginModule.toString(true));
-        loginModuleFile = new File(getDomain1Directory().toAbsolutePath().resolve("../../lib").toFile(),
+        JavaArchive serverAuthModule = ShrinkWrap.create(JavaArchive.class)
+                .addClass(MyHttpServletResponseWrapper.class)
+                .addClass(HttpServletTestAuthModule.class)
+                .addClass(MyPrintWriter.class);
+
+        LOG.log(INFO, serverAuthModule.toString(true));
+        serverAuthModuleFile = new File(getDomain1Directory().toAbsolutePath().resolve("../../lib").toFile(),
             "testLoginModule.jar");
-        loginModule.as(ZipExporter.class).exportTo(loginModuleFile, true);
+        serverAuthModule.as(ZipExporter.class).exportTo(serverAuthModuleFile, true);
 
         assertThat(ASADMIN.exec("create-message-security-provider",
             "--classname", HttpServletTestAuthModule.class.getName(),
@@ -96,7 +99,7 @@ public static void prepareDeployment() {
 
         warFile = new File(tempDir, APP_NAME + ".war");
         webArchive.as(ZipExporter.class).exportTo(warFile, true);
-        assertThat(ASADMIN.exec("deploy", "--libraries", loginModuleFile.getAbsolutePath(), "--target", "server",
+        assertThat(ASADMIN.exec("deploy", "--libraries", serverAuthModuleFile.getAbsolutePath(), "--target", "server",
             warFile.getAbsolutePath()), asadminOK());
     }
 
@@ -109,17 +112,20 @@ public static void cleanup() {
         ASADMIN.exec("delete-auth-realm", FILE_REALM_NAME);
         delete(warFile);
         delete(keyFile);
-        delete(loginModuleFile);
+        delete(serverAuthModuleFile);
     }
 
 
     @Test
     void test() throws Exception {
         HttpURLConnection connection = openConnection(8080, "/" + APP_NAME + "/index.jsp");
         connection.setRequestMethod("GET");
+
         String basicAuth = Base64.getEncoder().encodeToString((USER_NAME + ":" + USER_PASSWORD).getBytes(UTF_8));
         connection.setRequestProperty("Authorization", "Basic " + basicAuth);
+
         assertThat(connection.getResponseCode(), equalTo(200));
+
         try (InputStream is = connection.getInputStream()) {
             String text = new String(is.readAllBytes(), UTF_8);
             assertThat(text, stringContainsInOrder(

nucleus/parent/pom.xml

@@ -140,7 +140,7 @@
         <antlr.version>2.7.8</antlr.version>
         <ant.version>1.10.14</ant.version>
         <ant.external.version>1.10.2</ant.external.version>
-        <jackson.version>2.17.0-rc1</jackson.version>
+        <jackson.version>2.17.0</jackson.version>
         <fasterxml.classmate.version>1.7.0</fasterxml.classmate.version>
         <stax-api.version>1.0-2</stax-api.version>
         <jettison.version>1.5.4</jettison.version>
@@ -924,7 +924,7 @@
                         <dependency>
                             <groupId>com.puppycrawl.tools</groupId>
                             <artifactId>checkstyle</artifactId>
-                            <version>10.14.1</version>
+                            <version>10.14.2</version>
                         </dependency>
                     </dependencies>
                     <executions>