NoBug: Integrate latest JSR 375 API and RI (soteria) 1.0-b11 in glassfish 5.0

appserver/pom.xml

@@ -82,8 +82,8 @@
         <javax.security.auth.message-api.version>1.1</javax.security.auth.message-api.version>
         <!-- Ensure that nucleus/pom.xml's javax.validation property is of same value as the one below -->
         <javax.validation-api.version>2.0.0.CR3</javax.validation-api.version>
-        <javax.security.enterprise-api.version>1.0-b09</javax.security.enterprise-api.version>
-        <javax.security.enterprise.version>1.0-b10</javax.security.enterprise.version>
+        <javax.security.enterprise-api.version>1.0-b11</javax.security.enterprise-api.version>
+        <javax.security.enterprise.version>1.0-b11</javax.security.enterprise.version>
 
         <product.name>GlassFish Server Open Source Edition</product.name>
         <brief_product_name>GlassFish Server</brief_product_name>

appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/ApplicationConfig.java

@@ -42,7 +42,6 @@
 import javax.enterprise.context.ApplicationScoped;
 import javax.inject.Named;
 import javax.security.enterprise.identitystore.DatabaseIdentityStoreDefinition;
-import javax.security.enterprise.identitystore.PlaintextPasswordHash;
 
 @DatabaseIdentityStoreDefinition(
     dataSourceLookup="${'jdbc/__default'}", 

appserver/tests/appserv-tests/devtests/security/soteria/app-db/src/main/java/org/glassfish/soteria/test/PlaintextPasswordHash.java

@@ -0,0 +1,68 @@
+/*
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
+ *
+ * Copyright (c) 2017 Oracle and/or its affiliates. All rights reserved.
+ *
+ * The contents of this file are subject to the terms of either the GNU
+ * General Public License Version 2 only ("GPL") or the Common Development
+ * and Distribution License("CDDL") (collectively, the "License").  You
+ * may not use this file except in compliance with the License.  You can
+ * obtain a copy of the License at
+ * https://oss.oracle.com/licenses/CDDL+GPL-1.1
+ * or LICENSE.txt.  See the License for the specific
+ * language governing permissions and limitations under the License.
+ *
+ * When distributing the software, include this License Header Notice in each
+ * file and include the License file at LICENSE.txt.
+ *
+ * GPL Classpath Exception:
+ * Oracle designates this particular file as subject to the "Classpath"
+ * exception as provided by Oracle in the GPL Version 2 section of the License
+ * file that accompanied this code.
+ *
+ * Modifications:
+ * If applicable, add the following below the License Header, with the fields
+ * enclosed by brackets [] replaced by your own identifying information:
+ * "Portions Copyright [year] [name of copyright owner]"
+ *
+ * Contributor(s):
+ * If you wish your version of this file to be governed by only the CDDL or
+ * only the GPL Version 2, indicate your decision by adding "[Contributor]
+ * elects to include this software in this distribution under the [CDDL or GPL
+ * Version 2] license."  If you don't indicate a single choice of license, a
+ * recipient has the option to distribute your version of this file under
+ * either the CDDL, the GPL Version 2 or to extend the choice of license to
+ * its licensees as provided above.  However, if you add GPL Version 2 code
+ * and therefore, elected the GPL Version 2 license, then the option applies
+ * only if the new code is made subject to such option by the copyright
+ * holder.
+ */
+
+package org.glassfish.soteria.test;
+import java.util.Map;
+
+import javax.enterprise.context.Dependent;
+import javax.security.enterprise.identitystore.PasswordHash;
+
+@Dependent
+public class PlaintextPasswordHash implements PasswordHash {
+
+    @Override
+    public void initialize(Map<String, String> parameters) {
+
+    }
+
+    @Override
+    public String generate(char[] password) {
+        return new String(password);
+    }
+
+    @Override
+    public boolean verify(char[] password, String hashedPassword) {
+         //don't bother with constant time comparison; more portable
+         //this way, and algorithm will be used only for testing.
+        return (password != null && password.length > 0 &&
+                hashedPassword != null && hashedPassword.length() > 0 &&
+                hashedPassword.equals(new String(password)));
+    }
+}

appserver/tests/appserv-tests/devtests/security/soteria/pom.xml

@@ -45,7 +45,7 @@
     <modelVersion>4.0.0</modelVersion>
     <parent>
         <groupId>org.glassfish.main</groupId>
-        <artifactId>glassfish-nucleus-parent</artifactId>
+        <artifactId>glassfish-parent</artifactId>
         <version>5.0-SNAPSHOT</version>
         <relativePath/>
     </parent>
@@ -113,13 +113,13 @@
         <dependency>
             <groupId>javax.security.enterprise</groupId>
             <artifactId>javax.security.enterprise-api</artifactId>
-            <version>1.0-b09</version>
+            <version>${javax.security.enterprise-api.version}</version>
             <scope>provided</scope>
         </dependency>
         <dependency>
             <groupId>org.glassfish.soteria</groupId>
             <artifactId>javax.security.enterprise</artifactId>
-            <version>1.0-b10</version>
+            <version>${javax.security.enterprise.version}</version>
             <scope>provided</scope>
         </dependency>
         <dependency>