* Bump jolokia-war from 1.3.3 to 1.7.1
Bumps jolokia-war from 1.3.3 to 1.7.1.
---
updated-dependencies:
- dependency-name: org.jolokia:jolokia-war
dependency-type: direct:production
update-type: version-update:semver-minor
...
* Adding HashLoginService to jolokia.xml
* Fixing typo in FQCN for Jetty Password utility
* Using logger to print warning, not ServletContext.log() as it causes an NPE.
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Honor parameters order when parsing query and form parameters
When parsing the query or form parameters in Request, the values are stored in a MultiMap. This class extends HashMap which does not preserve the order of insertion so a request with parameters "first=1&second=2" might end up in a map where "second" will come first when iterating on the entry set.
The order is necessary in some case where the request is signed off the body and/or the query parameters. When the order is not preserved, it is impossible to reconstruct the original request sent, unless using the Request::getInputStream which consumes the stream and makes subsequent calls to Request::getParameters to don't return the form parameters which can be misleading. The same behavior applied to query parameters, by using Request::getQueryString, you get the correct order but Request::getParameters will not.
Moreoever, if the application is behind a reverse proxy using Jetty that is proxying using Request::getParameters which consume the request InputStream, it will be completely impossible to reconstruct the original request.
* Added a test with parameter merging
Co-authored-by: Jacques-Etienne Beaudet <jebeaudet@gmail.com>
* Issue #7277 - Allow `Request.getLocalName()` and `.getLocalPort()` to be overridden (#7316)
* Introduce `HttpConfiguration.setServerAuthority(HostPort)`
to influence `ServletRequest.getServerName()` and `ServletRequest.getServerPort()`
* Introduce `HttpConfiguration.setLocalAddress(SocketAddress)`
to influence `ServletRequest.getLocalName()`, `ServletRequest.getLocalPort()`, and `ServletRequest.getLocalAddr()`
* Correcting Request URI logic on abs-uri without authority
* Adding test cases
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
- Moved ExecutionStrategy from ServerQuicConnection to QuicConnection.
For the server the produced task is declared as BLOCKING, but for the
client the produced task is NON_BLOCKING.
- Fixed race condition in QuicSession.process(...).
- Updated quic-quiche pom.xml.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
- Improved configuration of client and server.
- Started implementation of HttpClientTransportOverHTTP3.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #7063 - Remove logging requirement from Password / Credential
+ Adding testcase for Password command line
+ Moved hex/string methods from TypeUtil to StringUtil
so that they can be reused in non-logging applications.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Changed order of entries in module-info.java to be canonical
(cherry picked from commit 02691171d5)
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fix#6870 URIUtil.encodePath encodes control characters
* Better test for wider range of characters
* Encode all control characters
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Fix#6860 IPv6 format by adding an extensible HttpChannel method
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
* Fixes#6603 - HTTP/2 max local stream count exceeded (#6639)
Made MAX_CONCURRENT_STREAMS setting work on a per-connection basis.
Updated Pool javadocs.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
(cherry picked from commit 525fcb3119)
Issue #5684 - Window's test overhaul
+ Migrate from @DisabledOnOs(WINDOWS) to assumptions on capabilities instead.
+ Fix other outstanding windows testing issues.
+ Cleanup FileBufferedResponseHandlerTest expectations on Windows.
+ PathWatcher scan interval is variable on windows
+ If unable to start testcase based on assumption,
the stop shouldn't fail testcase
+ Increase various wait timeouts
+ Make tests less strict due to system speed issues
+ Disable Sni tests due to TLS behaviors differences in Windows
+ Windows TLSv1.3 seems to introduce this difference
+ If we restrict to TLSv1.2 this passes.
+ On Linux TLSv.13 on client side will always return a
+ javax.net.ssl.SSLHandshakeException in those test cases that expect it.
+ However, on Windows, Only the TLSv1.2 implementation will return a javax.net.ssl.SSLHandshakeException,
+ All other TLS versions on Windows will result in a
+ javax.net.ssl.SSLException: Software caused connection abort: recv failed
+ Disable ConcurrentStreamCreationTest
+ Not possible to create all of these streams.
+ Fixing DeploymentTempDirTest
+ Using unique workdir per testcase.
+ Don't expect to delete files / directories between tests
(not supported on windows due to file locking anyway)
+ Fixing line ending difference on windows
+ InvalidPathException is a 404 Not Found
+ Cannot reuse test directory between runs due to memory mapped files that are still in use from previous run.
+ java.nio.file.FileSystemException: C:\code\jetty.project\jetty-webapp\target\tests\welcome#\index.html: The requested operation cannot be performed on a file with a user-mapped section open.
at java.base/sun.nio.fs.WindowsException.translateToIOException(WindowsException.java:92)
at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:103)
at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:108)
at java.base/sun.nio.fs.WindowsFileSystemProvider.newByteChannel(WindowsFileSystemProvider.java:235)
at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478)
at java.base/java.nio.file.Files.newOutputStream(Files.java:220)
at org.eclipse.jetty.webapp/org.eclipse.jetty.webapp.WebAppDefaultServletTest.prepareServer(WebAppDefaultServletTest.java:84)
+ As is typical on windows, we are often unable to delete a file due to file locking issues.
+ Use a unique resource base between tests.
This is to avoid file locking behaviors that prevent the
resource base from being reused too quickly on windows.
+ Prevent test run if symlinks not supported
+ Allowing for Windows slosh char as well in asserts
+ SelectorUtils is File.separator dependent
+ Regex is now FS.separator independent
+ Using SelectorUtils from plexus correctly for include/exclude
+ Turning off mapped files for testing reasons.
+ Fix and re-enable RFC2616NIOHttpsTest
+ Issue #6552 - Fix test failures due to slf4j dep
+ Issue #6552 - upgrade testcontainers
+ Issue #6552 - move to assumption based docker existence
+ Issue #6552 - Fix enforcer rule violation on jna.
Addresses the following side effect of upgrading testcontainers.
[WARNING] Rule 3: org.apache.maven.plugins.enforcer.RequireUpperBoundDeps failed with message:
Failed while enforcing RequireUpperBoundDeps. The error(s) are [
Require upper bound dependencies error for net.java.dev.jna:jna:5.6.0 paths to dependency are:
+-org.eclipse.jetty:infinispan-remote-query:10.0.7-SNAPSHOT
+-org.testcontainers:testcontainers:1.16.0
+-com.github.docker-java:docker-java-transport-zerodep:3.2.11
+-net.java.dev.jna:jna:5.6.0 (managed) <-- net.java.dev.jna:jna:5.8.0
+ use annotation to disable test when docker not available and needed
+ Disabling FileSessionDistributionTests.stopRestartWebappTestSessionContentSaved on Windows
+ Using TLS basic
+ Programmatic removal of memory mapped behavior during testing
+ Fixing slf4j warning
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Olivier Lamy <oliver.lamy@gmail.com>
Fixed occurrences of Callbacks that did not override getInvocationType() to properly declare whether they block or not.
Added test case for blocking writes for both client and server.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 9897c1b06e)
Java 17 only allows letter|digit|hyphen characters for SNI names.
While we could bypass this restriction on the client, when the SNI bytes arrive to the server they will be verified and if not allowed the TLS handshake will fail.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 693663a4ce)
A call to offer must never block, nor even yield, since to do so give an opportunity for the allocated CPU core to change, defeating the whole purpose of the class.
There is also some reasonable level of diagnostic warnings if a reserved thread misses too many offers consecutively, based on tracking the state of the reserved thread.
Remove the stack data structure entirely. ReservedThreads all poll the same SynchronousQueue and tryExecute does a non blocking offer.
Added test for busy shrinking
Remember last time we hit zero reserved threads
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>