Skip to content

Commit

Permalink
Upgrade from javax.servlet-api-3.1 to jakarta.servlet-api:4.0 and…
Browse files Browse the repository at this point in the history
… ban javax.servlet:javax.servlet-api (#693)

* Upgrade from javax.servlet-api-3.1 to jakarta.servlet-api:4.0.4
* Ban javax.servlet:javax.servlet-api

---------

Co-authored-by: Jesse Glick <[email protected]>
jeromepochat and jglick authored Apr 28, 2023

Partially verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
We cannot verify signatures from co-authors, and some of the co-authors attributed to this commit require their commits to be signed.
1 parent 5f8c1b8 commit 9502105
Showing 5 changed files with 80 additions and 5 deletions.
11 changes: 6 additions & 5 deletions pom.xml
Original file line number Diff line number Diff line change
@@ -175,9 +175,9 @@
</dependency>
<dependency>
<!-- used in JTH and jenkins core > 2.x -->
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
<version>4.0.4</version>
</dependency>
<dependency>
<groupId>junit</groupId>
@@ -243,8 +243,8 @@

<!-- dependencies provided by virtue of running in Jenkins -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
<scope>provided</scope>
</dependency>

@@ -556,6 +556,7 @@
</enforceBytecodeVersion>
<bannedDependencies>
<excludes>
<exclude>javax.servlet:javax.servlet-api</exclude>
<exclude>javax.servlet:servlet-api</exclude>
<exclude>org.sonatype.sisu:sisu-guice</exclude>
<exclude>log4j:log4j:*:jar:compile</exclude>
3 changes: 3 additions & 0 deletions src/it/servlet-api/invoker.properties
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# install, not verify, because we want to check the artifact as we would be about to deploy it
# release.skipTests normally set in jenkins-release profile since release:perform would do the tests
invoker.goals=-Dstyle.color=always -ntp -Pjenkins-release -Drelease.skipTests=false clean install
36 changes: 36 additions & 0 deletions src/it/servlet-api/pom.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.jenkins-ci.plugins</groupId>
<artifactId>plugin</artifactId>
<version>@project.version@</version>
<relativePath />
</parent>
<groupId>org.jenkins-ci.plugins.its</groupId>
<artifactId>servlet-api</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>hpi</packaging>
<properties>
<jenkins.version>2.361.4</jenkins.version>
</properties>
<dependencies>
<dependency>
<groupId>org.jenkins-ci.plugins</groupId>
<artifactId>structs</artifactId>
<version>1.5</version>
</dependency>
</dependencies>
<repositories>
<repository>
<id>repo.jenkins-ci.org</id>
<url>https://repo.jenkins-ci.org/public/</url>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>repo.jenkins-ci.org</id>
<url>https://repo.jenkins-ci.org/public/</url>
</pluginRepository>
</pluginRepositories>
</project>
2 changes: 2 additions & 0 deletions src/it/servlet-api/src/main/resources/index.jelly
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
<?jelly escape-by-default='true'?>
<div/>
33 changes: 33 additions & 0 deletions src/it/servlet-api/src/test/java/test/ServletAPITest.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
package test;

import hudson.security.LegacySecurityRealm;
import jenkins.model.Jenkins;
import org.junit.Rule;
import org.junit.Test;
import org.jvnet.hudson.test.JenkinsRule;

public class ServletAPITest {

@Rule
public final JenkinsRule rule = new JenkinsRule();

/**
* When having both Servlet APIs 3.1 and 4.0 in classpath, the following error
* is logged on server side:
*
* <pre>
* WARNING o.e.jetty.server.HttpChannel#handleException: /jenkins/j_security_check
* java.lang.AbstractMethodError: Receiver class org.eclipse.jetty.security.authentication.SessionAuthentication does not define or inherit an
* implementation of the resolved method 'abstract void valueBound(javax.servlet.http.HttpSessionBindingEvent)' of interface
* javax.servlet.http.HttpSessionBindingListener. at org.eclipse.jetty.server.session.Session.bindValue(Session.java:357)
* </pre>
*
* And then on client side getting "500 Server Error for
* http://localhost:.../jenkins/j_security_check"
*/
@Test
public void involveHttpSessionBindingListener() throws Exception {
Jenkins.get().setSecurityRealm(new LegacySecurityRealm());
rule.createWebClient().login("bob");
}
}

0 comments on commit 9502105

Please sign in to comment.