[MNG-7665] Update Jetty to latest Java8 capable version (#228)

Update Jetty to latest 9.4.50, last Java 8 capable version. Apply API changes and also remove jetty-servlet as ITs does NOT use servlet aspect of Jetty HTTP server.. This will simplify our lives in future, to make jump to later versions (that are Java 11+). Also, drop jetty-servlet as test do not use any servlet aspect. --- https://issues.apache.org/jira/browse/MNG-7665
2023-01-12 11:20:33 +01:00 · 2023-01-12 11:20:33 +01:00 · 1b31813b91
parent cb51050ea6
commit 1b31813b91
12 changed files with 71 additions and 75 deletions
--- a/its/core-it-suite/pom.xml
+++ b/its/core-it-suite/pom.xml
@ -81,7 +81,7 @@ under the License.
    <proxy.pass></proxy.pass>
    <proxy.nonProxyHosts>localhost</proxy.nonProxyHosts>
    <slf4jVersion>1.6.1</slf4jVersion>
-    <jetty9Version>9.0.4.v20130625</jetty9Version>
+    <jetty9Version>9.4.50.v20221201</jetty9Version>
    <stubPluginVersion>0.1-stub-SNAPSHOT</stubPluginVersion>
  </properties>
@ -104,26 +104,29 @@ under the License.
      <!-- TODO: not transitive in tests artifact, so must be left in main
        scope <scope>test</scope> -->
    </dependency>
    <dependency>
      <groupId>org.apache.maven.shared</groupId>
      <artifactId>maven-shared-utils</artifactId>
      <version>0.9</version>
    </dependency>
    <!-- Jetty (as test HTTP server) -->
    <dependency>
      <groupId>org.eclipse.jetty</groupId>
      <artifactId>jetty-server</artifactId>
      <version>${jetty9Version}</version>
    </dependency>
    <dependency>
-      <groupId>org.apache.maven.shared</groupId>
+      <groupId>org.eclipse.jetty</groupId>
-      <artifactId>maven-shared-utils</artifactId>
+      <artifactId>jetty-security</artifactId>
-      <version>0.9</version>
+      <version>${jetty9Version}</version>
    </dependency>
    <dependency>
      <groupId>org.eclipse.jetty</groupId>
      <artifactId>jetty-util</artifactId>
      <version>${jetty9Version}</version>
    </dependency>
-    <dependency>
+
      <groupId>org.eclipse.jetty</groupId>
      <artifactId>jetty-servlet</artifactId>
      <version>${jetty9Version}</version>
    </dependency>
    <dependency>
      <groupId>com.google.guava</groupId>
      <artifactId>guava</artifactId>
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/HttpServer.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/HttpServer.java
@ -4,6 +4,7 @@ import com.google.common.io.ByteStreams;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.security.authentication.BasicAuthenticator;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.NetworkConnector;
@ -110,7 +111,9 @@ public class HttpServer
        if ( username != null && password != null )
        {
            HashLoginService loginService = new HashLoginService( "Test Server" );
-            loginService.putUser( username, new Password( password ), new String[]{ "user" } );
+            UserStore userStore = new UserStore();
            userStore.addUser( username, new Password( password ), new String[] { "user" } );
            loginService.setUserStore( userStore );
            server.addBean( loginService );
            ConstraintSecurityHandler security = new ConstraintSecurityHandler();
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng0553SettingsAuthzEncryptionTest.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng0553SettingsAuthzEncryptionTest.java
@ -29,20 +29,18 @@ import java.util.Properties;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.server.NetworkConnector;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.server.handler.ResourceHandler;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Password;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
 import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
 /**
@ -79,11 +77,12 @@ public class MavenITmng0553SettingsAuthzEncryptionTest
        constraintMapping.setPathSpec( "/*" );
        HashLoginService userRealm = new HashLoginService( "TestRealm" );
-        userRealm.putUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
+        UserStore userStore = new UserStore();
        userStore.addUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
        userRealm.setUserStore( userStore );
        server = new Server( 0 );
-        ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
        ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
        securityHandler.setLoginService( userRealm );
        securityHandler.setAuthMethod( __BASIC_AUTH );
        securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng3953AuthenticatedDeploymentTest.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng3953AuthenticatedDeploymentTest.java
@ -30,21 +30,19 @@ import java.io.File;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.NetworkConnector;
 import org.eclipse.jetty.server.Request;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.AbstractHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Password;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
 import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
 /**
@ -103,11 +101,12 @@ public class MavenITmng3953AuthenticatedDeploymentTest
        constraintMapping.setPathSpec( "/*" );
        HashLoginService userRealm = new HashLoginService( "TestRealm" );
-        userRealm.putUser( "testuser", new Password( "testtest" ), new String[] { "deployer" } );
+        UserStore userStore = new UserStore();
        userStore.addUser( "testuser", new Password( "testtest" ), new String[] { "deployer" } );
        userRealm.setUserStore( userStore );
        server = new Server( 0 );
-        ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
        ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
        securityHandler.setLoginService( userRealm );
        securityHandler.setAuthMethod( __BASIC_AUTH );
        securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4068AuthenticatedMirrorTest.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4068AuthenticatedMirrorTest.java
@ -28,20 +28,18 @@ import java.util.Properties;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.server.NetworkConnector;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.server.handler.ResourceHandler;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Password;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
 import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
 /**
@ -81,11 +79,12 @@ public class MavenITmng4068AuthenticatedMirrorTest
        constraintMapping.setPathSpec( "/*" );
        HashLoginService userRealm = new HashLoginService( "TestRealm" );
-        userRealm.putUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
+        UserStore userStore = new UserStore();
        userStore.addUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
        userRealm.setUserStore( userStore );
        server = new Server( 0 );
-        ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
        ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
        securityHandler.setLoginService( userRealm );
        securityHandler.setAuthMethod( __BASIC_AUTH );
        securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4235HttpAuthDeploymentChecksumsTest.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4235HttpAuthDeploymentChecksumsTest.java
@ -38,13 +38,13 @@ import org.codehaus.plexus.util.StringUtils;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.server.NetworkConnector;
 import org.eclipse.jetty.server.Request;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.server.handler.ResourceHandler;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.resource.Resource;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Password;
@ -53,8 +53,6 @@ import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import static java.nio.file.StandardCopyOption.REPLACE_EXISTING;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
 import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
 /**
@ -97,10 +95,11 @@ public class MavenITmng4235HttpAuthDeploymentChecksumsTest
        constraintMapping.setPathSpec( "/*" );
        HashLoginService userRealm = new HashLoginService( "TestRealm" );
-        userRealm.putUser( "testuser", new Password( "testpass" ), new String[] { "deployer" } );
+        UserStore userStore = new UserStore();
        userStore.addUser( "testuser", new Password( "testpass" ), new String[] { "deployer" } );
        userRealm.setUserStore( userStore );
-        ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
        ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
        securityHandler.setLoginService( userRealm );
        securityHandler.setAuthMethod( __BASIC_AUTH );
        securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
@ -201,7 +200,7 @@ public class MavenITmng4235HttpAuthDeploymentChecksumsTest
            if ( "PUT".equals( request.getMethod() ) )
            {
-                Resource resource = getResource( request );
+                Resource resource = getResource( request.getPathInfo() );
                // NOTE: This can get called concurrently but File.mkdirs() isn't thread-safe in all JREs
                File dir = resource.getFile().getParentFile();
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4413MirroringOfDependencyRepoTest.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4413MirroringOfDependencyRepoTest.java
@ -28,18 +28,16 @@ import java.util.Properties;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.server.NetworkConnector;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.server.handler.ResourceHandler;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Password;
 import org.junit.jupiter.api.Test;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
 import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
 /**
@ -78,11 +76,12 @@ public class MavenITmng4413MirroringOfDependencyRepoTest
        constraintMapping.setPathSpec( "/*" );
        HashLoginService userRealm = new HashLoginService( "TestRealm" );
-        userRealm.putUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
+        UserStore userStore = new UserStore();
        userStore.addUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
        userRealm.setUserStore( userStore );
        Server server = new Server( 0 );
-        ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
        ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
        securityHandler.setLoginService( userRealm );
        securityHandler.setAuthMethod( __BASIC_AUTH );
        securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4469AuthenticatedDeploymentToCustomRepoTest.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4469AuthenticatedDeploymentToCustomRepoTest.java
@ -30,21 +30,19 @@ import java.io.File;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.NetworkConnector;
 import org.eclipse.jetty.server.Request;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.AbstractHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Password;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
 import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
 /**
@ -103,11 +101,12 @@ public class MavenITmng4469AuthenticatedDeploymentToCustomRepoTest
        constraintMapping.setPathSpec( "/*" );
        HashLoginService userRealm = new HashLoginService( "TestRealm" );
-        userRealm.putUser( "testuser", new Password( "testtest" ), new String[] { "deployer" } );
+        UserStore userStore = new UserStore();
        userStore.addUser( "testuser", new Password( "testtest" ), new String[] { "deployer" } );
        userRealm.setUserStore( userStore );
        server = new Server( 0 );
-        ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
        ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
        securityHandler.setLoginService( userRealm );
        securityHandler.setAuthMethod( __BASIC_AUTH );
        securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4470AuthenticatedDeploymentToProxyTest.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4470AuthenticatedDeploymentToProxyTest.java
@ -27,6 +27,7 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.File;
 import java.nio.charset.StandardCharsets;
 import java.util.Base64;
 import java.util.Collections;
 import java.util.Deque;
 import java.util.concurrent.ConcurrentLinkedDeque;
@ -36,22 +37,19 @@ import org.codehaus.plexus.util.StringUtils;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.NetworkConnector;
 import org.eclipse.jetty.server.Request;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.AbstractHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.B64Code;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Password;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
 import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
 /**
@ -92,7 +90,7 @@ public class MavenITmng4470AuthenticatedDeploymentToProxyTest
                if ( auth != null )
                {
                    auth = auth.substring( auth.indexOf( ' ' ) + 1 ).trim();
-                    auth = B64Code.decode( auth, StandardCharsets.US_ASCII.name() );
+                    auth = new String( Base64.getDecoder().decode( auth ), StandardCharsets.US_ASCII );
                }
                System.out.println( "Proxy-Authorization: " + auth );
@ -155,11 +153,12 @@ public class MavenITmng4470AuthenticatedDeploymentToProxyTest
        constraintMapping.setPathSpec( "/*" );
        HashLoginService userRealm = new HashLoginService( "TestRealm" );
-        userRealm.putUser( "testuser", new Password( "testtest" ), new String[] { "deployer" } );
+        UserStore userStore = new UserStore();
        userStore.addUser( "testuser", new Password( "testtest" ), new String[] { "deployer" } );
        userRealm.setUserStore( userStore );
        server = new Server( 0 );
-        ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
        ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
        securityHandler.setLoginService( userRealm );
        securityHandler.setAuthMethod( __BASIC_AUTH );
        securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
@ -224,8 +223,8 @@ public class MavenITmng4470AuthenticatedDeploymentToProxyTest
        verifier.setAutoclean( false );
        verifier.filterFile( "settings-template.xml", "settings.xml", "UTF-8",
                             Collections.singletonMap( "@port@", Integer.toString( port ) ) );
-        verifier.addCliOption( "--settings" );
+        verifier.addCliArgument( "--settings" );
-        verifier.addCliOption( "settings.xml" );
+        verifier.addCliArgument( "settings.xml" );
        verifier.addCliArgument( "validate" );
        verifier.execute();
        verifier.verifyErrorFreeLog();
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4489MirroringOfExtensionRepoTest.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4489MirroringOfExtensionRepoTest.java
@ -28,18 +28,16 @@ import java.util.Properties;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.server.NetworkConnector;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.server.handler.ResourceHandler;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Password;
 import org.junit.jupiter.api.Test;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
 import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
 /**
@ -78,11 +76,12 @@ public class MavenITmng4489MirroringOfExtensionRepoTest
        constraintMapping.setPathSpec( "/*" );
        HashLoginService userRealm = new HashLoginService( "TestRealm" );
-        userRealm.putUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
+        UserStore userStore = new UserStore();
        userStore.addUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
        userRealm.setUserStore( userStore );
        Server server = new Server( 0 );
-        ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
        ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
        securityHandler.setLoginService( userRealm );
        securityHandler.setAuthMethod( __BASIC_AUTH );
        securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4561MirroringOfPluginRepoTest.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4561MirroringOfPluginRepoTest.java
@ -28,18 +28,16 @@ import java.util.Properties;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.server.NetworkConnector;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.server.handler.ResourceHandler;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Password;
 import org.junit.jupiter.api.Test;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
 import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
 /**
@ -78,11 +76,12 @@ public class MavenITmng4561MirroringOfPluginRepoTest
        constraintMapping.setPathSpec( "/*" );
        HashLoginService userRealm = new HashLoginService( "TestRealm" );
-        userRealm.putUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
+        UserStore userStore = new UserStore();
        userStore.addUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
        userRealm.setUserStore( userStore );
        Server server = new Server( 0 );
-        ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
        ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
        securityHandler.setLoginService( userRealm );
        securityHandler.setAuthMethod( __BASIC_AUTH );
        securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );
--- a/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4729MirrorProxyAuthUsedByProjectBuilderTest.java
+++ b/its/core-it-suite/src/test/java/org/apache/maven/it/MavenITmng4729MirrorProxyAuthUsedByProjectBuilderTest.java
@ -28,18 +28,16 @@ import java.util.Properties;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
 import org.eclipse.jetty.security.HashLoginService;
 import org.eclipse.jetty.security.UserStore;
 import org.eclipse.jetty.server.NetworkConnector;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.server.handler.ResourceHandler;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.security.Password;
 import org.junit.jupiter.api.Test;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SECURITY;
 import static org.eclipse.jetty.servlet.ServletContextHandler.SESSIONS;
 import static org.eclipse.jetty.util.security.Constraint.__BASIC_AUTH;
 /**
@ -78,11 +76,12 @@ public class MavenITmng4729MirrorProxyAuthUsedByProjectBuilderTest
        constraintMapping.setPathSpec( "/*" );
        HashLoginService userRealm = new HashLoginService( "TestRealm" );
-        userRealm.putUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
+        UserStore userStore = new UserStore();
        userStore.addUser( "testuser", new Password( "testtest" ), new String[] { "user" } );
        userRealm.setUserStore( userStore );
        Server server = new Server( 0 );
-        ServletContextHandler ctx = new ServletContextHandler( server, "/", SESSIONS | SECURITY );
+        ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
        ConstraintSecurityHandler securityHandler = (ConstraintSecurityHandler) ctx.getSecurityHandler();
        securityHandler.setLoginService( userRealm );
        securityHandler.setAuthMethod( __BASIC_AUTH );
        securityHandler.setConstraintMappings( new ConstraintMapping[] { constraintMapping } );