Commit Graph

1256 Commits

Author SHA1 Message Date
Gary Gregory 0efee0bf95 Use String#isEmpty() 2023-11-28 17:46:42 -05:00
Joakim Erdfelt c50aa2f61b
Updating to version 10.0.19-SNAPSHOT 2023-10-26 21:10:08 -05:00
Joakim Erdfelt 8545fd9bf4
Updating to version 10.0.18 2023-10-26 20:59:27 -05:00
Joakim Erdfelt 722b97ad6a
Updating to version 10.0.18-SNAPSHOT 2023-10-09 13:32:28 -05:00
Joakim Erdfelt af15f12297
Updating to version 10.0.17 2023-10-09 13:21:53 -05:00
Greg Wilkins 3c76f82594
Allow session idle timeout to be configured on authentication. (#10511)
Allow session idle timeout to be configured on authentication.

Signed-off-by: gregw <gregw@webtide.com>
2023-09-18 15:53:35 +10:00
Joakim Erdfelt 896dee2466
Updating to version 10.0.17-SNAPSHOT 2023-08-25 14:27:38 -05:00
Joakim Erdfelt a2735a9ae9
Updating to version 10.0.16 2023-08-25 14:10:55 -05:00
Joakim Erdfelt a9c596e3d7
Updating various old/moved URL references found across project (`jetty-10.0.x`) (#10098)
* Now that the migration of `https://eclipse.org/jetty/` to `https://eclipse.dev/jetty/` has occurred, it is time to review the URI use in our project

+ Updated URLs in poms
+ Added more URIs to XmlConfiguration
+ Updated URLs in module files
+ Updated URLs in documentation
+ Updated URLs in HTML
+ Correcting bad double-scheme URLs (eg: `http://https://www.eclipse...`)
+ Updating text in *.mod files
+ Removing `/current/` from path `/jetty/documentation/current/`
+ Fixing mailing list URL

---------

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-07-14 12:38:45 -05:00
Jan Bartel a138bfbe1a
Add tests for combining of Constraints as per spec (#9664)
* Add tests for combining of Constraints as per spec
2023-05-10 17:13:58 +02:00
Joakim Erdfelt ca3c1756ad
Updating to version 10.0.16-SNAPSHOT 2023-04-11 13:23:25 -05:00
Joakim Erdfelt 68017dbd00
Updating to version 10.0.15 2023-04-11 12:24:32 -05:00
Olivier Lamy e62cc0344a Updating to version 10.0.15-SNAPSHOT 2023-03-01 18:55:10 +10:00
gregw 7a7d69a69f Happy no year
Remove modification date from copyright notice and instead just have the
project inception year.

Signed-off-by: gregw <gregw@webtide.com>
2023-02-15 15:22:32 +11:00
Joakim Erdfelt 54c4c03244
Updating to version 10.0.14-SNAPSHOT 2022-12-07 14:33:17 -06:00
Joakim Erdfelt 1c2636ea05
Updating to version 10.0.13 2022-12-07 14:12:50 -06:00
Lachlan 4f633e945c
Merge pull request #8792 from eclipse/jetty-10.0.x-OpenIdSessionSerialization
Issue #8330 - fix IllegalStateException from using OpenID with SessionDatastore
2022-11-10 16:54:03 +11:00
Joakim Erdfelt 793bee9e14
Issue #8716 - Handle bad host/authority headers better (#8717)
* Issue #8716 - Handle bad host/authority headers better
* Remove extra `Host` header in testcase that doesn't deal with bad Host headers
* Create URIUtil.isRegName
* Correcting HostPortTest.testValidAuthority
* Correcting RequestTest.testInvalidHostHeader
* Remove clonable, set to final

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-11-08 18:08:20 -06:00
Lachlan Roberts a4185bf5ac restore deleted methods in SessionAuthentication
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-11-01 12:05:53 +11:00
Lachlan Roberts c60f38f387 Issue #8330 - fix persistence of sessions in OpenID
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-11-01 12:01:24 +11:00
Olivier Lamy dbd07146ec
merge back release branch to bump version to 10.0.13-SNAPSHOT (#8593)
* Updating to version 10.0.12

* Updating to version 10.0.13-SNAPSHOT

* VERSION.TXT =+ content of jetty-9.4.49.v20220914 release

* remove strange line and reorder
2022-09-16 19:50:12 +10:00
Simone Bordet 77ad0189ba
Fixes #8532 - Review System.nanoTime() usages. (#8535)
* Fixes #8532 - Review System.nanoTime() usages.

Introduced o.e.j.util.NanoTime class to deal with nanoTimes.

Now NanoTime.now() should be used instead of System.nanoTime(),
and various <unit>[elapsed|since|until]() methods to calculate nanoTimes.

Furthermore, comparing 2 nanoTimes should be done via isBefore(),
rather than using the < operator, which is wrong as specified in
the System.nanoTime() javadocs.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-09-06 09:30:02 +02:00
Lachlan Roberts 7929730cb9 cleanup in DeferredAuthentication
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-06-29 19:00:41 +10:00
Joakim Erdfelt 64d12e2a5a
Merge Release 10.0.11 back into `jetty-10.0.x` branch (#8194)
* Updating to version 10.0.11

* Updating to version 10.0.12-SNAPSHOT
2022-06-22 16:24:48 -05:00
Joakim Erdfelt c2bc103cb9
Merge Release 10.0.10 back into `jetty-10.0.x` (#8180)
* Updating to version 10.0.11-SNAPSHOT
2022-06-21 14:41:41 +02:00
Joakim Erdfelt 8de55150fe
Cherry-pick of Improvements to PathSpec for Jetty 10.0.x (#8136)
* Cherry-pick of Improvements to PathSpec.
* From commit: 5b4d1dd1c6
* Fixing ConstraintSecurityHandler usage of PathMappings
* Fixing bad INCLUDE logic from cherry-pick in ServletHandler.doScope()
* Cleanup of non ServletPathSpec behaviors in ServletPathMapping class
* Skip optional group name/info lookup if regex fails.
* Prevent NPE on static servletPathMappings
* Update WebSocketMappings to use new PathMappings.getMatched(String)

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-08 12:36:30 -05:00
Jan Bartel 3caee26742
Jetty 10.0.x 7801 duplicate set session cookie (#7808)
* Issue #7801 Duplicate set session cookie after id change.

Signed-off-by: Jan Bartel <janb@webtide.com>
2022-06-08 10:15:24 +10:00
dependabot[bot] c2c1ea8d9a
Bump maven-bundle-plugin from 5.1.4 to 5.1.5 (#7933)
* Bump maven-bundle-plugin from 5.1.4 to 5.1.5

Bumps maven-bundle-plugin from 5.1.4 to 5.1.5.

---
updated-dependencies:
- dependency-name: org.apache.felix:maven-bundle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Standardize maven-bundle-plugin usage (to avoid build error)

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-05-06 16:24:40 -05:00
Greg Wilkins e12d5d58b6
Jetty 10 7918 root pathspec (#7920)
Fix #7918 Root path spec
Handle root pathspec in PathMappings.asPathSpec
Introduce protected asPathSpec to allow for extensibility

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-04-26 19:04:17 +02:00
Joakim Erdfelt 16420f0181
Set version to `10.0.10-SNAPSHOT` (#7823)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-04-03 20:33:44 +10:00
Joakim Erdfelt f079949a35
Merge Release 10.0.9 (#7821)
* Updating to version 10.0.9

* Updating to version 10.0.10
2022-04-02 08:43:44 -05:00
dependabot[bot] 6b25c271b1
Bump jolokia-war from 1.3.3 to 1.7.1 (#6907)
* Bump jolokia-war from 1.3.3 to 1.7.1

Bumps jolokia-war from 1.3.3 to 1.7.1.

---
updated-dependencies:
- dependency-name: org.jolokia:jolokia-war
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

* Adding HashLoginService to jolokia.xml
* Fixing typo in FQCN for Jetty Password utility
* Using logger to print warning, not ServletContext.log() as it causes an NPE.

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-03-29 21:04:35 -05:00
Simone Bordet a4fda96f49
Updating to version 10.0.9-SNAPSHOT 2022-02-07 12:02:02 +01:00
Simone Bordet 716c7afd8e
Updating to version 10.0.8 2022-02-07 11:34:12 +01:00
Joakim Erdfelt cb127793e5
Happy New Year 2022 (#7459)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-01-27 10:42:30 -06:00
lujiefsi ff10c26332
fix resource leak (#7361)
Fix resource leaks
2022-01-10 10:56:22 +01:00
Joakim Erdfelt cfc67f86d2 Updating to version 10.0.8-SNAPSHOT 2021-10-06 14:51:32 -05:00
Joakim Erdfelt da8a4553af Updating to version 10.0.7 2021-10-06 14:32:37 -05:00
Simone Bordet 0412bdc3d9 Fixes #6938 - module-info.java file do not use the canonical order for the elements
Changed order of entries in module-info.java to be canonical

(cherry picked from commit 02691171d5)
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-10-01 09:25:55 +02:00
Olivier Lamy 51d44a3401
use dependencyManagement for internal dependencies (#6940)
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2021-09-30 16:57:19 +10:00
dependabot[bot] b44dde6098
Bump maven-enforcer-plugin from 3.0.0-M3 to 3.0.0 (#6755)
* Bump maven-enforcer-plugin from 3.0.0-M3 to 3.0.0

Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.0.0-M3 to 3.0.0.
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.0.0-M3...enforcer-3.0.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix some upper bound issues and exclude more javax

Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>

* fix upperbound dependencies issue with enforcer plugin upgrade

Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>

* exclude this wrong which makes enforcer plugin fail and btw it's not used

Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>

* fix last enforcer upperbound issues

Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Olivier Lamy <oliver.lamy@gmail.com>
2021-09-14 06:10:48 +10:00
Lachlan f10ae7c955
Merge pull request #6649 from eclipse/jetty-10.0.x-jetty-jaspi
Issue #6406 - backport of jetty-jaspi changes to jetty-10 (#6412)
2021-08-27 13:20:51 +10:00
Lachlan 5954fc2ca2
Merge pull request #6569 from eclipse/jetty-10.0.x-6554-SecurityHandler
Issue #6554 - create the DefaultIdentityService even if no realmName is provided
2021-08-27 13:12:35 +10:00
Lachlan Roberts 4d579d682c Issue #6406 - backport jetty-jaspi changes to 10.0.x
Co-authored-by: Frode Carlsen <frode.odde.carlsen@nav.no>
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-27 11:30:16 +10:00
Joakim Erdfelt c5a33e27d2
Issue #5684 - Windows test overhaul (#6581)
Issue #5684 - Window's test overhaul

+ Migrate from @DisabledOnOs(WINDOWS) to assumptions on capabilities instead.
+ Fix other outstanding windows testing issues.
+ Cleanup FileBufferedResponseHandlerTest expectations on Windows.
+ PathWatcher scan interval is variable on windows
+ If unable to start testcase based on assumption,
  the stop shouldn't fail testcase
+ Increase various wait timeouts
+ Make tests less strict due to system speed issues
+ Disable Sni tests due to TLS behaviors differences in Windows
  + Windows TLSv1.3 seems to introduce this difference
  + If we restrict to TLSv1.2 this passes.
  + On Linux TLSv.13 on client side will always return a
  + javax.net.ssl.SSLHandshakeException in those test cases that expect it.
  + However, on Windows, Only the TLSv1.2 implementation will return a javax.net.ssl.SSLHandshakeException,
  + All other TLS versions on Windows will result in a
  + javax.net.ssl.SSLException: Software caused connection abort: recv failed
+ Disable ConcurrentStreamCreationTest
  + Not possible to create all of these streams.
+ Fixing DeploymentTempDirTest
  + Using unique workdir per testcase.
  + Don't expect to delete files / directories between tests
    (not supported on windows due to file locking anyway)
 + Fixing line ending difference on windows
 + InvalidPathException is a 404 Not Found
 + Cannot reuse test directory between runs due to memory mapped files that are still in use from previous run.
 + java.nio.file.FileSystemException: C:\code\jetty.project\jetty-webapp\target\tests\welcome#\index.html: The requested operation cannot be performed on a file with a user-mapped section open.

	at java.base/sun.nio.fs.WindowsException.translateToIOException(WindowsException.java:92)
	at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:103)
	at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:108)
	at java.base/sun.nio.fs.WindowsFileSystemProvider.newByteChannel(WindowsFileSystemProvider.java:235)
	at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478)
	at java.base/java.nio.file.Files.newOutputStream(Files.java:220)
	at org.eclipse.jetty.webapp/org.eclipse.jetty.webapp.WebAppDefaultServletTest.prepareServer(WebAppDefaultServletTest.java:84)

 + As is typical on windows, we are often unable to delete a file due to file locking issues.
 + Use a unique resource base between tests.
   This is to avoid file locking behaviors that prevent the
   resource base from being reused too quickly on windows.
 + Prevent test run if symlinks not supported
 + Allowing for Windows slosh char as well in asserts
 + SelectorUtils is File.separator dependent
 + Regex is now FS.separator independent
 + Using SelectorUtils from plexus correctly for include/exclude
 + Turning off mapped files for testing reasons.
 + Fix and re-enable RFC2616NIOHttpsTest
 + Issue #6552 - Fix test failures due to slf4j dep
 + Issue #6552 - upgrade testcontainers
 + Issue #6552 - move to assumption based docker existence
 + Issue #6552 - Fix enforcer rule violation on jna.
  Addresses the following side effect of upgrading testcontainers.

[WARNING] Rule 3: org.apache.maven.plugins.enforcer.RequireUpperBoundDeps failed with message:
Failed while enforcing RequireUpperBoundDeps. The error(s) are [
Require upper bound dependencies error for net.java.dev.jna:jna:5.6.0 paths to dependency are:
+-org.eclipse.jetty:infinispan-remote-query:10.0.7-SNAPSHOT
  +-org.testcontainers:testcontainers:1.16.0
    +-com.github.docker-java:docker-java-transport-zerodep:3.2.11
      +-net.java.dev.jna:jna:5.6.0 (managed) <-- net.java.dev.jna:jna:5.8.0

 + use annotation to disable test when docker not available and needed
 + Disabling FileSessionDistributionTests.stopRestartWebappTestSessionContentSaved on Windows
 + Using TLS basic
 + Programmatic removal of memory mapped behavior during testing
 + Fixing slf4j warning

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Olivier Lamy <oliver.lamy@gmail.com>
2021-08-26 11:26:46 -05:00
Lachlan Roberts 705fe19e2a Issue #6554 - add test for creation of DefaultIdentityService
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-25 12:10:06 +10:00
Lachlan Roberts b854b0b1db Issue #6553 - revert behaviour for DeferredAuthentication
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-20 20:17:25 +10:00
Lachlan Roberts a27018bc39 Issue #6553 - add tests, use 401 code instead of 403, add same check for DeferredAuth
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-20 20:00:31 +10:00
Lachlan Roberts d35ff03e61 Issue #6554 - DefaultAuthenticatorFactory should not create BasicAuthenticator for null AuthMethod
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-02 15:32:45 +10:00
Lachlan Roberts 29a8d5d2bd Issue #6554 - create the DefaultIdentityService even if no realmName is provided
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-02 15:22:43 +10:00