Merge branch 'jetty-9.4.x' into jetty-10.0.x

2018-09-11 14:21:49 +10:00 · 2018-09-11 14:21:49 +10:00 · a8e9a8a78b
parent 79460a7cdb 2dd5fec4f4
commit a8e9a8a78b
19 changed files with 541 additions and 478 deletions
--- a/jetty-annotations/src/main/java/org/eclipse/jetty/annotations/AnnotationParser.java
+++ b/jetty-annotations/src/main/java/org/eclipse/jetty/annotations/AnnotationParser.java
@ -70,6 +70,7 @@ public class AnnotationParser
 {
    private static final Logger LOG = Log.getLogger(AnnotationParser.class);
    protected static int ASM_OPCODE_VERSION = Opcodes.ASM6; //compatibility of api
    protected static String ASM_OPCODE_VERSION_STR = "ASM6";
    /**
     * Map of classnames scanned and the first location from which scan occurred
@ -87,12 +88,12 @@ public class AnnotationParser
        int asmVersion = ASM_OPCODE_VERSION;
        Package asm = Opcodes.class.getPackage();
        if (asm == null)
-            LOG.warn("Unknown asm runtime version, assuming version {}", asmVersion);
+            LOG.warn("Unknown asm runtime version, assuming version {}", ASM_OPCODE_VERSION_STR);
        else
        {
            String s = asm.getImplementationVersion();
            if (s==null)
-                LOG.warn("Unknown asm implementation version, assuming version {}", asmVersion);
+                LOG.info("Unknown asm implementation version, assuming version {}", ASM_OPCODE_VERSION_STR);
            else
            {
                int dot = s.indexOf('.');
@ -119,13 +120,13 @@ public class AnnotationParser
                        }
                        default:
                        {
-                            LOG.warn("Unrecognized runtime asm version, assuming {}", asmVersion);
+                            LOG.warn("Unrecognized runtime asm version, assuming {}", ASM_OPCODE_VERSION_STR);
                        }
                    }
                }
                catch (NumberFormatException e)
                {
-                    LOG.warn("Unable to parse runtime asm version, assuming version {}", asmVersion);
+                    LOG.warn("Unable to parse runtime asm version, assuming version {}", ASM_OPCODE_VERSION_STR);
                }
            }
        }
--- a/jetty-client/src/test/java/org/eclipse/jetty/client/ssl/SslBytesClientTest.java
+++ b/jetty-client/src/test/java/org/eclipse/jetty/client/ssl/SslBytesClientTest.java
@ -22,7 +22,6 @@ import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.junit.jupiter.api.Assumptions.assumeTrue;
 import java.io.BufferedReader;
 import java.io.File;
@ -48,16 +47,17 @@ import org.eclipse.jetty.client.util.FutureResponseListener;
 import org.eclipse.jetty.http.HttpScheme;
 import org.eclipse.jetty.http.HttpStatus;
 import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
 import org.eclipse.jetty.util.JavaVersion;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.condition.DisabledOnJre;
+import org.junit.jupiter.api.condition.EnabledOnJre;
 import org.junit.jupiter.api.condition.JRE;
 /* This whole test is very specific to how TLS < 1.3 works.
 * Starting in Java 11, TLS/1.3 is now enabled by default.
 */
@EnabledOnJre({JRE.JAVA_8, JRE.JAVA_9, JRE.JAVA_10})
 public class SslBytesClientTest extends SslBytesTest
 {
    private ExecutorService threadPool;
@ -66,8 +66,6 @@ public class SslBytesClientTest extends SslBytesTest
    private SSLServerSocket acceptor;
    private SimpleProxy proxy;
    // This whole test is very specific to how TLS < 1.3 works.
    @DisabledOnJre( JRE.JAVA_11 )
    @BeforeEach
    public void init() throws Exception
    {
--- a/jetty-documentation/src/main/asciidoc/administration/startup/startup-unix-service.adoc
+++ b/jetty-documentation/src/main/asciidoc/administration/startup/startup-unix-service.adoc
@ -81,10 +81,10 @@ Make sure you have it installed.
 [source, screen, subs="{sub-order}"]
 ....
-# apt-get install openjdk-7-jdk
+# apt-get install openjdk-8-jdk
 ....
-Or download Java 7 from: http://www.oracle.com/technetwork/java/javase/downloads/index.html
+Or download Java 8 from: http://www.oracle.com/technetwork/java/javase/downloads/index.html
 [source, screen, subs="{sub-order}"]
 ....
--- a/jetty-documentation/src/main/asciidoc/configuring/security/spnego-support.adoc
+++ b/jetty-documentation/src/main/asciidoc/configuring/security/spnego-support.adoc
@ -17,17 +17,17 @@
 //
 [[spnego-support]]
-=== Spnego Support
+=== SPNEGO Support
-Simple and Protected GSSAPI Negotiation Mechanism (Spnego) is a way for users to be seamlessly authenticated when running on a Windows or Active Directory based network.
+Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) is a way for users to be seamlessly authenticated when running on a Windows or Active Directory based network.
 Jetty supports this type of authentication and authorization through the JDK (which has been enabled since the later versions of Java 6 and 7).
 Also important to note is that this is an _incredibly_ fragile setup where everything needs to be configured just right for things to work, otherwise it can fail in fun and exciting, not to mention obscure, ways.
 There is a substantial amount of configuration and testing required to enable this feature as well as knowledge and access to central systems on a Windows network such as the Active Domain Controller and the ability to create and maintain service users.
-==== Configuring Jetty and Spnego
+==== Configuring Jetty and SPNEGO
-To run with Spengo enabled the following command line options are required:
+To run with SPNEGO enabled the following command line options are required:
 [source,screen, subs="{sub-order}"]
 ----
@ -36,7 +36,7 @@ To run with Spengo enabled the following command line options are required:
 -Djavax.security.auth.useSubjectCredsOnly=false
 ----
-For debugging the Spengo authentication the following options are very helpful:
+For debugging the SPNEGO authentication the following options are very helpful:
 [source,screen, subs="{sub-order}"]
 ----
@ -44,7 +44,7 @@ For debugging the Spengo authentication the following options are very helpful:
 -Dsun.security.spnego.debug=all
 ----
-Spengo Authentication must be enabled in the webapp in the following way.
+SPNEGO Authentication must be enabled in the webapp in the following way.
 The name of the role will be different for your network.
 [source, xml, subs="{sub-order}"]
@ -65,7 +65,7 @@ The name of the role will be different for your network.
   <realm-name>Test Realm</realm-name>
   <!-- optionally to add custom error page -->
   <spnego-login-config>
-     <spengo-error-page>/loginError.html?param=foo</spnego-error-page>
+     <spnego-error-page>/loginError.html?param=foo</spnego-error-page>
   </spnego-login-config>
 </login-config>
@ -119,7 +119,7 @@ krb5.ini::
 spnego.conf::
  configures the glue between gssapi and kerberos
-It is important to note that the keytab file referenced in the `krb5.ini` and the `spengo.conf` files needs to contain the keytab for the `targetName` for the http server.
+It is important to note that the keytab file referenced in the `krb5.ini` and the `spnego.conf` files needs to contain the keytab for the `targetName` for the http server.
 To do this use a process similar to this:
 On the Windows Active Domain Controller run:
@ -159,12 +159,12 @@ The follows steps have been required to inform Internet Explorer that it should
 5.  Tools -> Options -> Advanced -> Security (in the checkbox list)
 6.  Locate and select `Enable Integrated Windows Authentication`
 7.  Tools -> Options -> Advanced -> Security -> Ok
-8.  Close IE then reopen and browse to your Spengo protected resource
+8.  Close IE then reopen and browse to your SPNEGO protected resource
 You *must* use hostname and not the IP.
 If you use the IP it will default to NTLM authentication.
-The following conditions must be true for Spnego authentication to work:
+The following conditions must be true for SPNEGO authentication to work:
 * You must be within the Intranet Zone of the network
 * Access the server using a Hostname rather than IP
--- a/jetty-documentation/src/main/asciidoc/reference/contributing/source-build.adoc
+++ b/jetty-documentation/src/main/asciidoc/reference/contributing/source-build.adoc
@ -49,7 +49,7 @@ Files associated with the development of Jetty -- code styles, formatting, iplog
 ==== Build
-Jetty requires the use of Java 7 and the latest releases are always recommended to build.
+Jetty requires the use of Java 8 and the latest releases are always recommended to build.
 Jetty uses http://maven.apache.org/[Apache Maven 3] for managing its build and primary project metadata.
--- a/jetty-jaas/src/test/java/org/eclipse/jetty/jaas/JAASLdapLoginServiceTest.java
+++ b/jetty-jaas/src/test/java/org/eclipse/jetty/jaas/JAASLdapLoginServiceTest.java
@ -31,7 +31,6 @@ import org.eclipse.jetty.security.DefaultIdentityService;
 import org.eclipse.jetty.server.Request;
 import org.eclipse.jetty.server.UserIdentity;
 import org.junit.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.junit.runner.RunWith;
 import javax.security.auth.login.AppConfigurationEntry;
--- a/jetty-maven-plugin/src/it/jetty-cdi-run-forked/pom.xml
+++ b/jetty-maven-plugin/src/it/jetty-cdi-run-forked/pom.xml
@ -54,7 +54,7 @@
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-compiler-plugin</artifactId>
-        <version>3.5.1</version>
+        <version>3.8.0</version>
        <configuration>
          <target>1.8</target>
          <source>1.8</source>
--- a/jetty-maven-plugin/src/it/jetty-deploy-war-mojo-it/pom.xml
+++ b/jetty-maven-plugin/src/it/jetty-deploy-war-mojo-it/pom.xml
@ -37,7 +37,7 @@
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-compiler-plugin</artifactId>
-        <version>3.5.1</version>
+        <version>3.8.0</version>
        <configuration>
          <target>1.8</target>
          <source>1.8</source>
--- a/jetty-maven-plugin/src/it/jetty-run-distro-mojo-it/pom.xml
+++ b/jetty-maven-plugin/src/it/jetty-run-distro-mojo-it/pom.xml
@ -66,7 +66,7 @@
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
-                    <version>3.5.1</version>
+          <version>3.8.0</version>
          <configuration>
            <target>1.8</target>
            <source>1.8</source>
--- a/jetty-maven-plugin/src/it/jetty-run-forked-mojo-it/pom.xml
+++ b/jetty-maven-plugin/src/it/jetty-run-forked-mojo-it/pom.xml
@ -67,7 +67,7 @@
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
-                    <version>3.5.1</version>
+          <version>3.8.0</version>
          <configuration>
            <target>1.8</target>
            <source>1.8</source>
--- a/jetty-maven-plugin/src/it/jetty-run-mojo-it/pom.xml
+++ b/jetty-maven-plugin/src/it/jetty-run-mojo-it/pom.xml
@ -73,7 +73,7 @@
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
-                    <version>3.5.1</version>
+          <version>3.8.0</version>
          <configuration>
            <target>1.8</target>
            <source>1.8</source>
--- a/jetty-maven-plugin/src/it/jetty-run-war-exploded-mojo-it/pom.xml
+++ b/jetty-maven-plugin/src/it/jetty-run-war-exploded-mojo-it/pom.xml
@ -67,7 +67,7 @@
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
-                    <version>3.5.1</version>
+          <version>3.8.0</version>
          <configuration>
            <target>1.8</target>
            <source>1.8</source>
--- a/jetty-maven-plugin/src/it/jetty-run-war-mojo-it/pom.xml
+++ b/jetty-maven-plugin/src/it/jetty-run-war-mojo-it/pom.xml
@ -67,7 +67,7 @@
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
-                    <version>3.5.1</version>
+          <version>3.8.0</version>
          <configuration>
            <target>1.8</target>
            <source>1.8</source>
--- a/jetty-maven-plugin/src/it/jetty-start-mojo-it/pom.xml
+++ b/jetty-maven-plugin/src/it/jetty-start-mojo-it/pom.xml
@ -67,7 +67,7 @@
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
-                    <version>3.5.1</version>
+          <version>3.8.0</version>
          <configuration>
            <target>1.8</target>
            <source>1.8</source>
--- a/jetty-maven-plugin/src/it/run-mojo-gwt-it/pom.xml
+++ b/jetty-maven-plugin/src/it/run-mojo-gwt-it/pom.xml
@ -1,5 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>org.olamy</groupId>
@ -44,7 +45,7 @@
      <plugins>
        <plugin>
          <artifactId>maven-compiler-plugin</artifactId>
-          <version>3.1</version>
+          <version>3.8.0</version>
          <configuration>
            <source>1.8</source>
            <target>1.8</target>
--- a/jetty-osgi/jetty-osgi-boot/src/main/java/org/eclipse/jetty/osgi/boot/internal/webapp/OSGiWebappClassLoader.java
+++ b/jetty-osgi/jetty-osgi-boot/src/main/java/org/eclipse/jetty/osgi/boot/internal/webapp/OSGiWebappClassLoader.java
@ -95,9 +95,8 @@ public class OSGiWebappClassLoader extends WebAppClassLoader implements BundleRe
    /* ------------------------------------------------------------ */
    @Override
-    public Class<?> loadClass(String name) throws ClassNotFoundException
+    protected Class<?> findClass(String name) throws ClassNotFoundException
    {
        try
        {
@ -107,7 +106,8 @@ public class OSGiWebappClassLoader extends WebAppClassLoader implements BundleRe
        {
            try
            {
-                return super.loadClass(name);
+
                return super.findClass(name);
            }
            catch (ClassNotFoundException cne2)
            {
@ -147,6 +147,48 @@ public class OSGiWebappClassLoader extends WebAppClassLoader implements BundleRe
        return url != null ? url : super.getResource(name);
    }
    @Override
    public URL findResource(String name)
    {
        URL url = _osgiBundleClassLoader.getResource(name);
        return url != null ? url : super.findResource(name);
    }
    /** 
     * Try to load the class from the bundle classloader.
     * We do NOT load it as a resource as the WebAppClassLoader does because the
     * url that is returned is an osgi-special url that does not play
     * properly with WebAppClassLoader's method of extracting the class
     * from the resource.  This implementation directly asks the osgi
     * bundle classloader to load the given class name.
     * 
     * @see org.eclipse.jetty.webapp.WebAppClassLoader#loadAsResource(java.lang.String, boolean)
     */
    @Override
    protected Class<?> loadAsResource(String name, boolean checkSystemResource) throws ClassNotFoundException
    {
        try
        {
            return _osgiBundleClassLoader.loadClass(name);
        }
        catch (ClassNotFoundException cne)
        {
            try
            {
                return super.loadAsResource(name, checkSystemResource);
            }
            catch (ClassNotFoundException cne2)
            {
                throw cne;
            }
        }
    }
    /* ------------------------------------------------------------ */
    private List<URL> toList(Enumeration<URL> e, Enumeration<URL> e2)
    {
--- a/jetty-security/src/main/config/etc/README.spnego
+++ b/jetty-security/src/main/config/etc/README.spnego
@ -1,7 +1,7 @@
-This setup will enable you to authenticate a user via spnego into your 
+This setup will enable you to authenticate a user via SPNEGO into your
 webapp.
-To run with spengo enabled the following command line options are required:
+To run with SPNEGO enabled the following command line options are required:
 -Djava.security.krb5.conf=/path/to/jetty/etc/krb5.ini
 -Djava.security.auth.login.config=/path/to/jetty/etc/spnego.conf 
@ -9,13 +9,13 @@ To run with spengo enabled the following command line options are required:
 The easiest place to put these lines are in the start.ini file.
-For debugging the spengo authentication the following options are helpful:
+For debugging the SPNEGO authentication the following options are helpful:
 -Dorg.eclipse.jetty.LEVEL=debug
 -Dsun.security.spnego.debug=true
-Spengo Authentication is enabled in the webapp with the following setup.
+SPNEGO Authentication is enabled in the webapp with the following setup.
  <security-constraint>
    <web-resource-collection>
@ -32,7 +32,7 @@ Spengo Authentication is enabled in the webapp with the following setup.
    <realm-name>Test Realm</realm-name>
    (optionally to add custom error page)
    <spnego-login-config>
-      <spengo-error-page>/loginError.html?param=foo</spnego-error-page>
+      <spnego-error-page>/loginError.html?param=foo</spnego-error-page>
    </spnego-login-config>
  </login-config>
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
@ -45,7 +45,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
    }
    /**
-     * Allow for a custom authMethod value to be set for instances where SPENGO may not be appropriate
+     * Allow for a custom authMethod value to be set for instances where SPNEGO may not be appropriate
     * @param authMethod the auth method
     */
    public SpnegoAuthenticator( String authMethod )
@ -96,7 +96,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
                 return Authentication.UNAUTHENTICATED;
             }
-            LOG.debug("SpengoAuthenticator: sending challenge");
+            LOG.debug("Sending challenge");
            res.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), HttpHeader.NEGOTIATE.asString());
            res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return Authentication.SEND_CONTINUE;
--- a/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppClassLoader.java
+++ b/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppClassLoader.java
@ -544,27 +544,17 @@ public class WebAppClassLoader extends URLClassLoader
            else
            {
                // Not parent loader priority, so...
-
+                webapp_class = loadAsResource(name, true);
-                // Try the webapp classloader first
+                if (webapp_class != null)
                // Look in the webapp classloader as a resource, to avoid 
                // loading a system class.
                String path = name.replace('.', '/').concat(".class");
                URL webapp_url = findResource(path);
                if (webapp_url!=null && !_context.isSystemResource(name,webapp_url))
                {
                    webapp_class = this.foundClass(name,webapp_url);
                    resolveClass(webapp_class);
                    if (LOG.isDebugEnabled())
                        LOG.debug("WAP webapp loaded {}",webapp_class);
                    return webapp_class;
                }
                // Try the parent loader
                try
                {
                    parent_class = _parent.loadClass(name); 
                    // If the webapp is allowed to see this class
                    if (Boolean.TRUE.equals(__loadServerClasses.get()) || !_context.isServerClass(parent_class))
                    {
@ -580,12 +570,9 @@ public class WebAppClassLoader extends URLClassLoader
                // We couldn't find a parent class, so OK to return a webapp one if it exists 
                // and we just couldn't see it before 
-                if (webapp_url!=null)
+                webapp_class = loadAsResource(name, false);
                if (webapp_class != null)
                {
                    webapp_class = this.foundClass(name,webapp_url);
                    resolveClass(webapp_class);
                    if (LOG.isDebugEnabled())
                        LOG.debug("WAP !server webapp loaded {}",webapp_class);
                    return webapp_class;
                }
@ -629,12 +616,47 @@ public class WebAppClassLoader extends URLClassLoader
        return _transformers.remove(transformer);
    }
    /**
     * Look for the classname as a resource to avoid loading a class that is 
     * potentially a system resource.
     * 
     * @param name the name of the class to load
     * @param checkSystemResource if true and the class isn't a system class we return it
     * @return the loaded class
     * @throws ClassNotFoundException
     */
    protected Class<?> loadAsResource (final String name, boolean checkSystemResource) throws ClassNotFoundException
    {
        // Try the webapp classloader first
        // Look in the webapp classloader as a resource, to avoid 
        // loading a system class.
        Class<?> webapp_class = null;
        String path = name.replace('.', '/').concat(".class");
        URL webapp_url = findResource(path);
        if (webapp_url!=null && (!checkSystemResource || !_context.isSystemResource(name,webapp_url)))
        {
            webapp_class = this.foundClass(name,webapp_url);
            resolveClass(webapp_class);
            if (LOG.isDebugEnabled())
                LOG.debug("WAP webapp loaded {}",webapp_class);
        }
        return webapp_class;
    }
    /* ------------------------------------------------------------ */
    @Override
    protected Class<?> findClass(final String name) throws ClassNotFoundException
    {
        if (_transformers.isEmpty())
        { 
            return super.findClass(name);
        }
        String path = name.replace('.', '/').concat(".class");
        URL url = findResource(path);