From bdc3783f99e18355159cb26b5ea85ac440f053a8 Mon Sep 17 00:00:00 2001
From: Wesley Szamotula <wes.szamotula@wisc.edu>
Date: Tue, 7 Jul 2020 13:57:46 -0500
Subject: [PATCH] Upgrade spring to latest version
---
pom.xml | 20 ++++++++++++++-----
uw-spring-security-config/pom.xml | 2 +-
uw-spring-security-core/pom.xml | 2 +-
.../uwss/local/LocalUserDetailsLoader.java | 6 +++---
.../local/LocalUserDetailsManagerImpl.java | 2 +-
.../edu/wisc/uwss/local/local-users.json | 8 ++++----
.../edu/wisc/uwss/local/local-users.yaml | 8 ++++----
.../LocalUserDetailsManagerImplTest.java | 4 ++--
uw-spring-security-sample-war/pom.xml | 2 +-
.../src/main/webapp/index.html | 6 ++++--
uw-spring-security-web/pom.xml | 16 +++++++++++++--
11 files changed, 50 insertions(+), 26 deletions(-)
diff --git a/pom.xml b/pom.xml
index 0b59a31..92f859b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2,7 +2,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>edu.wisc.uwss</groupId>
<artifactId>uw-spring-security</artifactId>
- <version>2.0.1</version>
+ <version>${revision}</version>
<packaging>pom</packaging>
<name>UW Spring Security Parent</name>
<description>Parent project for module to integrate Spring Security with UW authentication mechanism.</description>
@@ -42,11 +42,12 @@
</repositories>
<properties>
+ <revision>3.0.0</revision>
<adi.development.version>0.5.1</adi.development.version>
- <jackson.version>2.7.4</jackson.version>
+ <jackson.version>2.11.1</jackson.version>
<slf4j.version>1.7.7</slf4j.version>
- <spring.framework.version>4.1.6.RELEASE</spring.framework.version>
- <spring.security.version>4.0.1.RELEASE</spring.security.version>
+ <spring.framework.version>5.2.7.RELEASE</spring.framework.version>
+ <spring.security.version>5.3.3.RELEASE</spring.security.version>
</properties>
<dependencyManagement>
<dependencies>
@@ -97,6 +98,10 @@
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-security</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -217,7 +222,7 @@
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
- <version>9.2.8.v20150217</version>
+ <version>9.4.30.v20200611</version>
</plugin>
</plugins>
</pluginManagement>
@@ -249,6 +254,11 @@
<artifactId>maven-surefire-plugin</artifactId>
<version>3.0.0-M5</version>
</plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-install-plugin</artifactId>
+ <version>3.0.0-M1</version>
+ </plugin>
</plugins>
</build>
<modules>
diff --git a/uw-spring-security-config/pom.xml b/uw-spring-security-config/pom.xml
index 058dda0..6c24d40 100644
--- a/uw-spring-security-config/pom.xml
+++ b/uw-spring-security-config/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>edu.wisc.uwss</groupId>
<artifactId>uw-spring-security</artifactId>
- <version>2.0.0-SNAPSHOT</version>
+ <version>${revision}</version>
</parent>
<artifactId>uw-spring-security-config</artifactId>
<name>UW Spring Security Configuration</name>
diff --git a/uw-spring-security-core/pom.xml b/uw-spring-security-core/pom.xml
index cb4b566..fff85ba 100644
--- a/uw-spring-security-core/pom.xml
+++ b/uw-spring-security-core/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>edu.wisc.uwss</groupId>
<artifactId>uw-spring-security</artifactId>
- <version>2.0.0-SNAPSHOT</version>
+ <version>${revision}</version>
</parent>
<artifactId>uw-spring-security-core</artifactId>
<name>UW Spring Security Core</name>
diff --git a/uw-spring-security-core/src/main/java/edu/wisc/uwss/local/LocalUserDetailsLoader.java b/uw-spring-security-core/src/main/java/edu/wisc/uwss/local/LocalUserDetailsLoader.java
index 88e52db..5ed2696 100644
--- a/uw-spring-security-core/src/main/java/edu/wisc/uwss/local/LocalUserDetailsLoader.java
+++ b/uw-spring-security-core/src/main/java/edu/wisc/uwss/local/LocalUserDetailsLoader.java
@@ -36,7 +36,7 @@ public interface LocalUserDetailsLoader {
* @return a never null, but potentially empty, {@link List} of {@link UWUserDetails} instances
* @throws UWSpringSecurityException if the {@link Resource} couldn't be read
*/
- List<UWUserDetails> loadUsers(Resource resource);
+ List<? extends UWUserDetails> loadUsers(Resource resource);
/**
* Default loader uses Jackson and can parse both JSON and YAML formats.
@@ -54,9 +54,9 @@ public interface LocalUserDetailsLoader {
return objectMapper;
}
@Override
- public List<UWUserDetails> loadUsers(Resource resource) {
+ public List<? extends UWUserDetails> loadUsers(Resource resource) {
try {
- List<UWUserDetails> users = getObjectMapper().readValue(resource.getInputStream(), new TypeReference<List<UWUserDetailsImpl>>(){});
+ List<? extends UWUserDetails> users = getObjectMapper().readValue(resource.getInputStream(), new TypeReference<List<UWUserDetailsImpl>>(){});
return users;
} catch (IOException e) {
throw new UWSpringSecurityException("failed to read " + resource, e);
diff --git a/uw-spring-security-core/src/main/java/edu/wisc/uwss/local/LocalUserDetailsManagerImpl.java b/uw-spring-security-core/src/main/java/edu/wisc/uwss/local/LocalUserDetailsManagerImpl.java
index 03d4c41..e7beabf 100644
--- a/uw-spring-security-core/src/main/java/edu/wisc/uwss/local/LocalUserDetailsManagerImpl.java
+++ b/uw-spring-security-core/src/main/java/edu/wisc/uwss/local/LocalUserDetailsManagerImpl.java
@@ -81,7 +81,7 @@ public class LocalUserDetailsManagerImpl implements UserDetailsManager {
@PostConstruct
public void init() {
logger.debug("LocalUserDetailsLoader of type {} enabled, processing resource {}", localUserDetailsLoader.getClass(), localUserResource);
- List<UWUserDetails> users = localUserDetailsLoader.loadUsers(localUserResource);
+ List<? extends UWUserDetails> users = localUserDetailsLoader.loadUsers(localUserResource);
for(UWUserDetails u : users) {
addDemoUser(u);
}
diff --git a/uw-spring-security-core/src/main/resources/edu/wisc/uwss/local/local-users.json b/uw-spring-security-core/src/main/resources/edu/wisc/uwss/local/local-users.json
index 7ad27b0..50033d8 100644
--- a/uw-spring-security-core/src/main/resources/edu/wisc/uwss/local/local-users.json
+++ b/uw-spring-security-core/src/main/resources/edu/wisc/uwss/local/local-users.json
@@ -1,7 +1,7 @@
[
{
"username": "admin",
- "password": "admin",
+ "password": "{noop}admin",
"fullName": "Amy Administrator",
"firstName": "Amy",
"lastName": "Administrator",
@@ -12,7 +12,7 @@
},
{
"username": "jane",
- "password": "jane",
+ "password": "{noop}jane",
"fullName": "Jane Doe",
"firstName": "Jane",
"lastName": "Doe",
@@ -23,7 +23,7 @@
},
{
"username": "john",
- "password": "john",
+ "password": "{noop}john",
"fullName": "John Doe",
"firstName": "John",
"lastName": "Doe",
@@ -34,7 +34,7 @@
},
{
"username": "jim",
- "password": "jim",
+ "password": "{noop}jim",
"fullName": "Jim Doe",
"firstName": "Jim",
"lastName": "Doe",
diff --git a/uw-spring-security-core/src/main/resources/edu/wisc/uwss/local/local-users.yaml b/uw-spring-security-core/src/main/resources/edu/wisc/uwss/local/local-users.yaml
index 0ee9082..073fa77 100644
--- a/uw-spring-security-core/src/main/resources/edu/wisc/uwss/local/local-users.yaml
+++ b/uw-spring-security-core/src/main/resources/edu/wisc/uwss/local/local-users.yaml
@@ -1,7 +1,7 @@
---
- pvi: "UW000A000"
username: "admin"
- password: "admin"
+ password: "{noop}admin"
fullName: "Amy Administrator"
emailAddress: "amy.administrator@demo.wisc.edu"
uddsMembership:
@@ -12,7 +12,7 @@
lastName: "Administrator"
- pvi: "UW000A001"
username: "jane"
- password: "jane"
+ password: "{noop}jane"
fullName: "Jane Doe"
emailAddress: "jane.doe@demo.wisc.edu"
uddsMembership:
@@ -22,7 +22,7 @@
lastName: "Doe"
- pvi: "UW000A002"
username: "john"
- password: "john"
+ password: "{noop}john"
fullName: "John Doe"
emailAddress: "john.doe@demo.wisc.edu"
uddsMembership:
@@ -32,7 +32,7 @@
lastName: "Doe"
- pvi: "UW000A003"
username: "jim"
- password: "jim"
+ password: "{noop}jim"
fullName: "Jim Doe"
emailAddress: "jim.doe@demo.wisc.edu"
uddsMembership: []
diff --git a/uw-spring-security-core/src/test/java/edu/wisc/uwss/local/LocalUserDetailsManagerImplTest.java b/uw-spring-security-core/src/test/java/edu/wisc/uwss/local/LocalUserDetailsManagerImplTest.java
index c7b07a4..072ac49 100644
--- a/uw-spring-security-core/src/test/java/edu/wisc/uwss/local/LocalUserDetailsManagerImplTest.java
+++ b/uw-spring-security-core/src/test/java/edu/wisc/uwss/local/LocalUserDetailsManagerImplTest.java
@@ -297,7 +297,7 @@ public class LocalUserDetailsManagerImplTest {
@Test
public void unsupportedFormatWithUDDS() {
LocalUserDetailsLoader attributesMapper = new LocalUserDetailsLoader.Default();
- List<UWUserDetails> users = attributesMapper.loadUsers(new ClassPathResource("test-users.json"));
+ List<? extends UWUserDetails> users = attributesMapper.loadUsers(new ClassPathResource("test-users.json"));
//demo STAR user with UDDS:
String username = "aalpaca";
@@ -315,7 +315,7 @@ public class LocalUserDetailsManagerImplTest {
@Test
public void unsupportedFormatWithoutUDDS() {
LocalUserDetailsLoader attributesMapper = new LocalUserDetailsLoader.Default();
- List<UWUserDetails> users = attributesMapper.loadUsers(new ClassPathResource("test-users.json"));
+ List<? extends UWUserDetails> users = attributesMapper.loadUsers(new ClassPathResource("test-users.json"));
//demo STAR user without UDDS:
String username = "jim";
diff --git a/uw-spring-security-sample-war/pom.xml b/uw-spring-security-sample-war/pom.xml
index 44a82e3..9dad396 100644
--- a/uw-spring-security-sample-war/pom.xml
+++ b/uw-spring-security-sample-war/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>edu.wisc.uwss</groupId>
<artifactId>uw-spring-security</artifactId>
- <version>2.0.0-SNAPSHOT</version>
+ <version>${revision}</version>
</parent>
<artifactId>uw-spring-security-sample-war</artifactId>
<name>UW Spring Security Sample War</name>
diff --git a/uw-spring-security-sample-war/src/main/webapp/index.html b/uw-spring-security-sample-war/src/main/webapp/index.html
index 5523967..1a5cf6e 100644
--- a/uw-spring-security-sample-war/src/main/webapp/index.html
+++ b/uw-spring-security-sample-war/src/main/webapp/index.html
@@ -29,8 +29,10 @@
<p>Start VM with 'mvn clean install jetty:run -P preauth', visit http://localhost:8080/.</p>
<ol>
<li>Click 'Lazy with "ignorepreauth"', expect "anonymousUser".</li>
- <li>Visit http://localhost:8080/index.html. Click 'Lazy authentication', expect JSON object representing UWUserDetails for 'Amy Administrator'.</li>
- <li>Visit http://localhost:8080/index.html. Click 'Required authentication', expect JSON object representing UWUserDetails for 'Amy Administrator'.</li>
+ <li>Visit http://localhost:8080/index.html. Click 'Lazy authentication', expect JSON object representing UWUserDetails for 'Amy Administrator'.
+ Since at least 1.6.0 this has been returning "anonymousUser" instead. Requires additional investigation to determine if there is a bug here.</li>
+ <li>Visit http://localhost:8080/index.html. Click 'Required authentication', expect JSON object representing UWUserDetails for 'Amy Administrator'.
+ Since at least 1.6.0 this has been failing with "Access denied". Requires additional investigation to determine if there is a bug here.</li>
</ol>
<h3>combined</h3>
diff --git a/uw-spring-security-web/pom.xml b/uw-spring-security-web/pom.xml
index 4c6eedf..9439fe8 100644
--- a/uw-spring-security-web/pom.xml
+++ b/uw-spring-security-web/pom.xml
@@ -1,9 +1,21 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
- <parent>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>8</source>
+ <target>8</target>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <parent>
<groupId>edu.wisc.uwss</groupId>
<artifactId>uw-spring-security</artifactId>
- <version>2.0.0-SNAPSHOT</version>
+ <version>${revision}</version>
</parent>
<artifactId>uw-spring-security-web</artifactId>
<name>UW Spring Security Web</name>
--
GitLab