Jetty 12 merge from 11 and fix JAAS ldap login test (#10857)

* Merge from jetty-10.0.x to jetty-11.0.x * Fixes #10812 - Correct awaitility dependency scope (#10813) * Bump org.apache.logging.log4j:log4j-api from 2.20.0 to 2.21.1 Bumps org.apache.logging.log4j:log4j-api from 2.20.0 to 2.21.1. --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven.plugin-tools.version from 3.9.0 to 3.10.1 Bumps `maven.plugin-tools.version` from 3.9.0 to 3.10.1. Updates `org.apache.maven.plugin-tools:maven-plugin-annotations` from 3.9.0 to 3.10.1 - [Release notes](https://github.com/apache/maven-plugin-tools/releases) - [Commits](apache/maven-plugin-tools@maven-plugin-tools-3.9.0...maven-plugin-tools-3.10.1) Updates `org.apache.maven.plugin-tools:maven-plugin-tools-api` from 3.9.0 to 3.10.1 - [Release notes](https://github.com/apache/maven-plugin-tools/releases) - [Commits](apache/maven-plugin-tools@maven-plugin-tools-3.9.0...maven-plugin-tools-3.10.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugin-tools:maven-plugin-annotations dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.apache.maven.plugin-tools:maven-plugin-tools-api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-clean-plugin from 3.3.1 to 3.3.2 Bumps [org.apache.maven.plugins:maven-clean-plugin](https://github.com/apache/maven-clean-plugin) from 3.3.1 to 3.3.2. - [Release notes](https://github.com/apache/maven-clean-plugin/releases) - [Commits](apache/maven-clean-plugin@maven-clean-plugin-3.3.1...maven-clean-plugin-3.3.2) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-clean-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-dependency-plugin Bumps [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.6.0 to 3.6.1. - [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-3.6.0...maven-dependency-plugin-3.6.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-dependency-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump commons-io:commons-io from 2.14.0 to 2.15.0 Bumps commons-io:commons-io from 2.14.0 to 2.15.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-plugin-plugin from 3.9.0 to 3.10.1 Bumps [org.apache.maven.plugins:maven-plugin-plugin](https://github.com/apache/maven-plugin-tools) from 3.9.0 to 3.10.1. - [Release notes](https://github.com/apache/maven-plugin-tools/releases) - [Commits](apache/maven-plugin-tools@maven-plugin-tools-3.9.0...maven-plugin-tools-3.10.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-plugin-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump maven.surefire.plugin.version from 3.1.2 to 3.2.1 Bumps `maven.surefire.plugin.version` from 3.1.2 to 3.2.1. Updates `org.apache.maven.plugins:maven-failsafe-plugin` from 3.1.2 to 3.2.1 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.1.2...surefire-3.2.1) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.1.2 to 3.2.1 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.1.2...surefire-3.2.1) Updates `org.apache.maven.surefire:surefire-junit47` from 3.1.2 to 3.2.1 --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-failsafe-plugin dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.apache.maven.surefire:surefire-junit47 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.apache.maven.plugins:maven-checkstyle-plugin Bumps [org.apache.maven.plugins:maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.3.0 to 3.3.1. - [Commits](apache/maven-checkstyle-plugin@maven-checkstyle-plugin-3.3.0...maven-checkstyle-plugin-3.3.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump apacheds.version from 2.0.0.AM26 to 2.0.0.AM27 (#10836) * Bump apacheds.version from 2.0.0.AM26 to 2.0.0.AM27 Bumps `apacheds.version` from 2.0.0.AM26 to 2.0.0.AM27. Updates `org.apache.directory.server:apacheds-test-framework` from 2.0.0.AM26 to 2.0.0.AM27 - [Commits](apache/directory-server@2.0.0.AM26...2.0.0.AM27) Updates `org.apache.directory.server:apacheds-server-integ` from 2.0.0.AM26 to 2.0.0.AM27 - [Commits](apache/directory-server@2.0.0.AM26...2.0.0.AM27) Updates `org.apache.directory.server:apacheds-core-integ` from 2.0.0.AM26 to 2.0.0.AM27 - [Commits](apache/directory-server@2.0.0.AM26...2.0.0.AM27) --- updated-dependencies: - dependency-name: org.apache.directory.server:apacheds-test-framework dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: org.apache.directory.server:apacheds-server-integ dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: org.apache.directory.server:apacheds-core-integ dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * get this work Signed-off-by: Olivier Lamy <olamy@apache.org> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Olivier Lamy <olamy@apache.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Olivier Lamy <olamy@apache.org> * Bump org.infinispan:infinispan-bom from 11.0.17.Final to 11.0.18.Final (#10724) Bumps [org.infinispan:infinispan-bom](https://github.com/infinispan/infinispan) from 11.0.17.Final to 11.0.18.Final. - [Release notes](https://github.com/infinispan/infinispan/releases) - [Changelog](https://github.com/infinispan/infinispan/blob/main/Jenkinsfile-release) - [Commits](infinispan/infinispan@11.0.17.Final...11.0.18.Final) --- updated-dependencies: - dependency-name: org.infinispan:infinispan-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * not needed, bad merge Signed-off-by: Olivier Lamy <olamy@apache.org> * fix version Signed-off-by: Olivier Lamy <olamy@apache.org> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Olivier Lamy <olamy@apache.org> Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com> Co-authored-by: Chad Wilson <chadw@thoughtworks.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
jetty · Nov 7, 2023 · d1bc772 · d1bc772
1 parent 3aa877f
commit d1bc772
Show file tree

Hide file tree

Showing 10 changed files with 489 additions and 325 deletions.
diff --git a/.mvn/maven-build-cache-config.xml b/.mvn/maven-build-cache-config.xml
@@ -90,6 +90,7 @@
             <reconcile propertyName="skipExec" skipValue="true"/>
             <reconcile propertyName="skipTests" skipValue="true"/>
             <reconcile propertyName="testFailureIgnore" skipValue="true"/>
+            <reconcile propertyName="test" skipValue="true"/>
           </reconciles>
           <nologs>
             <nolog propertyName="systemPropertyVariables"/>

diff --git a/build/build-resources/pom.xml b/build/build-resources/pom.xml
@@ -13,11 +13,11 @@
   <name>Build :: Resources</name>
 
   <properties>
-    <maven.deploy.skip>true</maven.deploy.skip>
-    <maven.javadoc.skip>true</maven.javadoc.skip>
     <!-- versions for these plugins are not based on parent pom -->
+    <maven.deploy.plugin.version>3.1.1</maven.deploy.plugin.version>
+    <maven.javadoc.plugin.version>3.4.0</maven.javadoc.plugin.version>
     <maven.remote-resources.plugin.version>3.1.0</maven.remote-resources.plugin.version>
-    <maven.surefire.plugin.version>3.1.2</maven.surefire.plugin.version>
+    <maven.surefire.plugin.version>3.2.1</maven.surefire.plugin.version>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <skipTests>true</skipTests>
   </properties>

diff --git a/...ation/jetty-documentation/src/main/asciidoc/old_docs/security/jaas-support.adoc b/...ation/jetty-documentation/src/main/asciidoc/old_docs/security/jaas-support.adoc
@@ -175,7 +175,7 @@ To allow the greatest degree of flexibility in using JAAS with web applications,
 Note that you don't ordinarily need to set these explicitly, as Jetty has defaults which will work in 99% of cases.
 However, should you need to, you can configure:
 
-* a CallbackHandler (Default: `org.eclipse.jetty.jaas.callback.DefaultCallbackHandler`)
+* a CallbackHandler (Default: `org.eclipse.jetty.security.jaas.callback.DefaultCallbackHandler`)
 * a list of classnames for the Principal implementation that equate to a user role (Default: `org.eclipse.jetty.jaas.JAASRole`)
 
 Here's an example of setting each of these (to their default values):
@@ -186,7 +186,7 @@ Here's an example of setting each of these (to their default values):
   <Set name="Name">Test JAAS Realm</Set>
   <Set name="LoginModuleName">xyz</Set>
   <Set name="CallbackHandlerClass">
-       org.eclipse.jetty.jaas.callback.DefaultCallbackHandler
+       org.eclipse.jetty.security.jaas.callback.DefaultCallbackHandler
   </Set>
   <Set name="roleClassNames">
     <Array type="java.lang.String">

diff --git a/jetty-core/jetty-security/pom.xml b/jetty-core/jetty-security/pom.xml
@@ -12,11 +12,28 @@
   <description>The common Jetty security implementation</description>
 
   <properties>
+    <apache.directory.api.version>2.1.5</apache.directory.api.version>
+    <apacheds.version>2.0.0.AM27</apacheds.version>
     <bundle-symbolic-name>${project.groupId}.security</bundle-symbolic-name>
     <spotbugs.onlyAnalyze>org.eclipse.jetty.security.*</spotbugs.onlyAnalyze>
   </properties>
 
   <dependencies>
+    <dependency>
+      <groupId>org.apache.directory.api</groupId>
+      <artifactId>api-asn1-api</artifactId>
+      <version>${apache.directory.api.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.directory.api</groupId>
+      <artifactId>api-ldap-model</artifactId>
+      <version>${apache.directory.api.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.directory.api</groupId>
+      <artifactId>api-util</artifactId>
+      <version>${apache.directory.api.version}</version>
+    </dependency>
     <dependency>
       <groupId>org.eclipse.jetty</groupId>
       <artifactId>jetty-server</artifactId>
@@ -25,6 +42,70 @@
       <groupId>org.slf4j</groupId>
       <artifactId>slf4j-api</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.apache.directory.api</groupId>
+      <artifactId>api-ldap-schema-data</artifactId>
+      <version>${apache.directory.api.version}</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.directory.server</groupId>
+      <artifactId>apacheds-core-integ</artifactId>
+      <version>${apacheds.version}</version>
+      <scope>test</scope>
+      <exclusions>
+        <exclusion>
+          <groupId>org.apache.directory.api</groupId>
+          <artifactId>api-ldap-schema-data</artifactId>
+        </exclusion>
+        <!-- exclude additional LDIF schema files to avoid conflicts through
+          multiple copies -->
+        <exclusion>
+          <groupId>org.apache.directory.shared</groupId>
+          <artifactId>shared-ldap-schema</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.directory.server</groupId>
+      <artifactId>apacheds-server-integ</artifactId>
+      <version>${apacheds.version}</version>
+      <scope>test</scope>
+      <exclusions>
+        <exclusion>
+          <groupId>org.apache.directory.api</groupId>
+          <artifactId>api-ldap-schema-data</artifactId>
+        </exclusion>
+        <!-- exclude additional LDIF schema files to avoid conflicts through
+          multiple copies -->
+        <exclusion>
+          <groupId>org.apache.directory.shared</groupId>
+          <artifactId>shared-ldap-schema</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.directory.server</groupId>
+      <artifactId>apacheds-test-framework</artifactId>
+      <version>${apacheds.version}</version>
+      <scope>test</scope>
+      <exclusions>
+        <exclusion>
+          <groupId>junit</groupId>
+          <artifactId>junit</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.directory.api</groupId>
+          <artifactId>api-ldap-schema-data</artifactId>
+        </exclusion>
+        <!-- exclude additional LDIF schema files to avoid conflicts through
+          multiple copies -->
+        <exclusion>
+          <groupId>org.apache.directory.shared</groupId>
+          <artifactId>shared-ldap-schema</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
     <dependency>
       <groupId>org.eclipse.jetty</groupId>
       <artifactId>jetty-http-tools</artifactId>
@@ -55,7 +136,8 @@
         <configuration>
           <argLine>@{argLine} 
 	          ${jetty.surefire.argLine}
-	          --add-reads org.eclipse.jetty.security=org.eclipse.jetty.logging</argLine>
+	          --add-reads org.eclipse.jetty.security=org.eclipse.jetty.logging
+              --add-exports org.eclipse.jetty.security/org.eclipse.jetty.security.jaas.spi=java.base</argLine>
         </configuration>
       </plugin>
     </plugins>