I'm currently upgrading from Spring Boot 2.7.7 to Spring Boot 3.0.1.
Unfortunately the SAML-Redirect that works under Spring Boot 2.x does not work anymore.
I had to replace some deprecated code with what is recommended by Spring according to this commit:
https://github.com/spring-projects/spring-security/commit/953c9294d0912d65cd90c8e729a47a0d74697392
under Spring Boot 2.x
#Bean
public Saml2AuthenticationRequestContextResolver saml2AuthenticationRequestContextResolver(
RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
return new DefaultSaml2AuthenticationRequestContextResolver(relyingPartyRegistrationResolver);
}
under Spring Boot 3.x
#Bean
public Saml2AuthenticationRequestResolver saml2AuthenticationRequestResolver(
RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
return new OpenSaml4AuthenticationRequestResolver(relyingPartyRegistrationResolver);
}
This was the only change I made in the class Saml2WebSecurityConfig, that is now as follows:
#EnableWebSecurity
#Configuration
public class Saml2WebSecurityConfig {
private final ConfigProperties configProperties;
public Saml2WebSecurityConfig(ConfigProperties configProperties) {
this.configProperties = configProperties;
}
#Bean
public RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() throws Exception {
// Generate signing with private key and public key
Saml2X509Credential signingCredential = null; // not relevant for context
// Single verification certificate
Saml2X509Credential verificationCredential = null; // not relevant for context
RelyingPartyRegistration registration = RelyingPartyRegistration
.withRegistrationId(configProperties.getRegistrationId())
.entityId(configProperties.getEntity())
.signingX509Credentials(c -> c.add(signingCredential))
.singleLogoutServiceLocation(configProperties.getSingleLogoutServiceLocation())
.assertingPartyDetails(party -> party.entityId(configProperties.getAssertionId())
.singleSignOnServiceLocation(configProperties.getSingleSignOnServiceLocation())
.singleSignOnServiceBinding(Saml2MessageBinding.POST)
.wantAuthnRequestsSigned(true)
.signingAlgorithms((sign) -> sign.add(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256))
.verificationX509Credentials(c -> c.add(verificationCredential))
)
.build();
return new InMemoryRelyingPartyRegistrationRepository(registration);
}
#Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests(authorize -> authorize
.anyRequest().authenticated())
.saml2Login(saml2 -> {
try {
saml2.relyingPartyRegistrationRepository(this.relyingPartyRegistrationRepository());
} catch (Exception e) {
throw new RuntimeException(e);
}
}).saml2Logout(withDefaults());
http.csrf().disable();
return http.build();
}
#Bean
public Saml2AuthenticationRequestResolver saml2AuthenticationRequestResolver(
RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
return new OpenSaml4AuthenticationRequestResolver(relyingPartyRegistrationResolver);
}
#Bean
public RelyingPartyRegistrationResolver relyingPartyRegistrationResolver(
RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) {
return new DefaultRelyingPartyRegistrationResolver(relyingPartyRegistrationRepository);
}
}
This are the dependencies / repositories (effective-pom):
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<version>3.0.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>6.0.3</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>6.0.3</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>6.0.3</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>3.0.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>6.0.3</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>6.0.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-saml2-service-provider</artifactId>
<version>6.0.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>6.0.3</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>2.0.6</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>6.0.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>6.0.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot</artifactId>
<version>3.0.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-xmlsec-api</artifactId>
<version>4.3.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
<version>2.0.2</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>10.1.4</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.openapitools</groupId>
<artifactId>jackson-databind-nullable</artifactId>
<version>0.2.4</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>2.14.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>io.swagger.core.v3</groupId>
<artifactId>swagger-annotations-jakarta</artifactId>
<version>2.2.8</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>jakarta.validation</groupId>
<artifactId>jakarta.validation-api</artifactId>
<version>3.0.2</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-saml-api</artifactId>
<version>4.3.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-core</artifactId>
<version>4.3.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-saml-impl</artifactId>
<version>4.3.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>net.shibboleth.utilities</groupId>
<artifactId>java-support</artifactId>
<version>8.4.0</version>
<scope>compile</scope>
</dependency>
</dependencies>
<repositories>
<repository>
<snapshots>
<enabled>false</enabled>
</snapshots>
<id>central</id>
<url>https://repo1.maven.org/maven2</url>
</repository>
<repository>
<id>Shibboleth</id>
<name>Shibboleth</name>
<url>https://build.shibboleth.net/nexus/content/repositories/releases/</url>
</repository>
</repositories>
Edit:
How the user is extracted:
#Profile("!local")
#RequestScope
#Component
public class SamlUserContext implements UserContext {
#Override
public LoggedInUser user() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (!(authentication instanceof Saml2Authentication)) {
String message = String.format("The type %s is not the expected Saml2Authentication", authentication.getClass());
throw new IllegalStateException(message);
}
if (!(authentication.getPrincipal() instanceof Saml2AuthenticatedPrincipal saml2AuthenticatedPrincipal)) {
String message = String.format("The type %s is not the expected Saml2AuthenticatedPrincipal",
authentication.getPrincipal().getClass());
throw new IllegalStateException(message);
}
return new SamlUser(saml2AuthenticatedPrincipal);
}
}
Related
I updated Spring Boot from 2.1.5.RELEASE to 2.7.0 and after that mobile application on iOS and Android stoped recieving the messages through websockets. I believe some aditional configs should be added. Bellow is my code
WebSocketConfig.java
package com.belcowallet.ws;
import com.belcowallet.security.core.CoreTokenProvider;
import com.belcowallet.service.CoinService;
import com.belcowallet.service.UserService;
import com.belcowallet.util.Constants;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.messaging.Message;
import org.springframework.messaging.MessageChannel;
import org.springframework.messaging.simp.config.ChannelRegistration;
import org.springframework.messaging.simp.config.MessageBrokerRegistry;
import org.springframework.messaging.simp.stomp.StompCommand;
import org.springframework.messaging.simp.stomp.StompHeaderAccessor;
import org.springframework.messaging.support.ChannelInterceptor;
import org.springframework.messaging.support.MessageBuilder;
import org.springframework.messaging.support.MessageHeaderAccessor;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.socket.WebSocketHandler;
import org.springframework.web.socket.WebSocketMessage;
import org.springframework.web.socket.WebSocketSession;
import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer;
import org.springframework.web.socket.config.annotation.WebSocketTransportRegistration;
import org.springframework.web.socket.handler.WebSocketHandlerDecorator;
import java.util.List;
#Configuration
#EnableWebSocketMessageBroker
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {
private final CoreTokenProvider coreTokenProvider;
private final MessageChannel clientOutboundChannel;
private final CoinService coinService;
private final UserService userService;
public WebSocketConfig(CoreTokenProvider coreTokenProvider, #Lazy #Qualifier("clientOutboundChannel") MessageChannel clientOutboundChannel, #Lazy CoinService coinService, #Lazy UserService userService) {
this.coreTokenProvider = coreTokenProvider;
this.clientOutboundChannel = clientOutboundChannel;
this.coinService = coinService;
this.userService = userService;
}
#Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/api/v1/ws").setAllowedOrigins("*");
}
#Override
public void configureMessageBroker(MessageBrokerRegistry registry) {
registry.enableSimpleBroker("/topic", "/queue");
registry.setApplicationDestinationPrefixes("/app");
}
#Override
public void configureClientInboundChannel(ChannelRegistration registration) {
registration.interceptors(new ChannelInterceptor() {
#Override
public Message<?> preSend(Message<?> message, MessageChannel channel) {
StompHeaderAccessor accessor = MessageHeaderAccessor.getAccessor(message, StompHeaderAccessor.class);
if (StompCommand.CONNECT.equals(accessor.getCommand())) {
if (accessor.getNativeHeader(Constants.AUTHORIZATION_HEADER) != null) {
List<String> authorization = accessor.getNativeHeader(Constants.AUTHORIZATION_HEADER);
if (authorization.size() > 0 && authorization.get(0).split(" ").length > 1) {
String accessToken = authorization.get(0).split(" ")[1];
if (coreTokenProvider.validateToken(accessToken)) {
Authentication authentication = coreTokenProvider.getAuthentication(accessToken);
if (SecurityContextHolder.getContext().getAuthentication() == null) {
SecurityContextHolder.getContext().setAuthentication(authentication);
}
accessor.setUser(authentication);
System.out.println(" %%%% CONNECT, phone: " + authentication.getName());
} else {
StompHeaderAccessor headerAccessor = StompHeaderAccessor.create(StompCommand.ERROR);
headerAccessor.setMessage("Access is denied");
headerAccessor.setSessionId(accessor.getSessionId());
clientOutboundChannel.send(MessageBuilder.createMessage(new byte[0], headerAccessor.getMessageHeaders()));
}
}
}
} else if (StompCommand.SUBSCRIBE.equals(accessor.getCommand())) {
String destination = accessor.getDestination();
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
String phone = authentication == null ? accessor.getUser().getName() : authentication.getName();
System.out.println(" %%%% SUBSCRIBE, phone: " + phone + ", destination: " + destination);
if (destination.equals("/user/queue/balance")) {
coinService.pushBalance(userService.findByPhone(phone).getId(), null);
}
} else if (StompCommand.DISCONNECT.equals(accessor.getCommand()) || StompCommand.UNSUBSCRIBE.equals(accessor.getCommand())) {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
String phone = authentication == null ? accessor.getUser().getName() : authentication.getName();
if (StringUtils.isNotBlank(phone) && "anonymous".equalsIgnoreCase(phone)) {
StompHeaderAccessor headerAccessor = StompHeaderAccessor.create(StompCommand.ERROR);
headerAccessor.setMessage("Access is denied");
headerAccessor.setSessionId(accessor.getSessionId());
clientOutboundChannel.send(MessageBuilder.createMessage(new byte[0], headerAccessor.getMessageHeaders()));
} else {
System.out.println(" %%%% DISCONNECT, phone: " + phone);
}
}
return message;
}
});
}
#Override
public void configureWebSocketTransport(WebSocketTransportRegistration registry) {
registry.addDecoratorFactory(webSocketHandler -> new WebSocketSessionHandlerDecorator(webSocketHandler));
}
private class WebSocketSessionHandlerDecorator extends WebSocketHandlerDecorator {
public WebSocketSessionHandlerDecorator(WebSocketHandler delegate) {
super(delegate);
}
public void handleMessage(WebSocketSession session, WebSocketMessage<?> message) throws Exception {
if (session.isOpen()) {
super.handleMessage(session, message);
}
}
}
}
WebSocketSecurityConfig.java
package com.belcowallet.ws;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry;
import org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer;
import static org.springframework.messaging.simp.SimpMessageType.*;
#Configuration
public class WebSocketSecurityConfig extends AbstractSecurityWebSocketMessageBrokerConfigurer {
#Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
messages.simpTypeMatchers(CONNECT, UNSUBSCRIBE, DISCONNECT, OTHER).permitAll();
messages.simpTypeMatchers(SUBSCRIBE).authenticated();
}
#Override
protected boolean sameOriginDisabled() {
return true;
}
}
pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.7.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>backend</artifactId>
<packaging>jar</packaging>
<version>2.7.0</version>
<properties>
<java.version>1.8</java.version>
<io.grpc.version>1.40.1</io.grpc.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-mongodb</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-cache</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
<exclusions>
<exclusion>
<groupId>org.apache.tomcat</groupId>
<artifactId>tomcat-jdbc</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
<exclusions>
<exclusion>
<groupId>io.lettuce</groupId>
<artifactId>lettuce-core</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-websocket</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-websocket</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-messaging</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-commons</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-mongodb</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
</dependency>
<dependency>
<groupId>org.mongodb</groupId>
<artifactId>mongodb-driver-sync</artifactId>
<version>4.7.0</version>
</dependency>
<dependency>
<groupId>org.mongodb</groupId>
<artifactId>mongodb-driver-core</artifactId>
<version>4.7.0</version>
</dependency>
<dependency>
<groupId>org.mongodb</groupId>
<artifactId>bson</artifactId>
<version>4.7.0</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-envers</artifactId>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-api</artifactId>
<version>0.10.6</version>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-impl</artifactId>
<version>0.10.6</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId>
<version>0.10.6</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>net.sf.json-lib</groupId>
<artifactId>json-lib</artifactId>
<version>2.4</version>
<classifier>jdk15</classifier>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<dependency>
<groupId>com.twilio.sdk</groupId>
<artifactId>twilio</artifactId>
<version>7.54.1</version>
</dependency>
<dependency>
<groupId>com.sendgrid</groupId>
<artifactId>sendgrid-java</artifactId>
<version>4.9.2</version>
</dependency>
<dependency>
<groupId>com.google.protobuf</groupId>
<artifactId>protobuf-java</artifactId>
<version>3.14.0</version>
</dependency>
<dependency>
<groupId>org.web3j</groupId>
<artifactId>core</artifactId>
<version>5.0.0</version>
</dependency>
<dependency>
<groupId>org.web3j</groupId>
<artifactId>utils</artifactId>
<version>5.0.0</version>
</dependency>
<dependency>
<groupId>com.madgag.spongycastle</groupId>
<artifactId>core</artifactId>
<version>1.54.0.0</version>
</dependency>
<dependency>
<groupId>com.google.firebase</groupId>
<artifactId>firebase-admin</artifactId>
<version>8.1.0</version>
<exclusions>
<exclusion>
<groupId>io.grpc</groupId>
<artifactId>grpc-netty-shaded</artifactId>
</exclusion>
<exclusion>
<groupId>io.grpc</groupId>
<artifactId>grpc-protobuf</artifactId>
</exclusion>
<exclusion>
<groupId>io.grpc</groupId>
<artifactId>grpc-stub</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-netty-shaded</artifactId>
<version>${io.grpc.version}</version>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-protobuf</artifactId>
<version>${io.grpc.version}</version>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-stub</artifactId>
<version>${io.grpc.version}</version>
</dependency>
<dependency>
<groupId>com.binance.api</groupId>
<artifactId>binance-api-client</artifactId>
<version>1.0.1</version>
<scope>system</scope>
<systemPath>${project.basedir}/lib/binance-api-client-1.0.1.jar</systemPath>
</dependency>
<dependency>
<groupId>com.binance.dex.api</groupId>
<artifactId>binance-dex-api-client</artifactId>
<version>1.1.0</version>
<scope>system</scope>
<systemPath>${project.basedir}/lib/binance-dex-api-client-1.1.2.jar</systemPath>
</dependency>
<dependency>
<groupId>com.trustwallet</groupId>
<artifactId>wallet-core</artifactId>
<version>2.6.11</version>
<scope>system</scope>
<systemPath>${project.basedir}/lib/wallet-core-2.6.11.jar</systemPath>
</dependency>
<dependency>
<groupId>com.ciphertrace</groupId>
<artifactId>grpc</artifactId>
<version>1.0.0</version>
<scope>system</scope>
<systemPath>${project.basedir}/lib/grpc-1.0.0.jar</systemPath>
</dependency>
<dependency>
<groupId>org.bitcoinj</groupId>
<artifactId>bitcoinj-core</artifactId>
<version>0.15.10</version>
</dependency>
<dependency>
<groupId>com.google.maps</groupId>
<artifactId>google-maps-services</artifactId>
<version>1.0.1</version>
</dependency>
<dependency>
<groupId>com.trulioo</groupId>
<artifactId>normalizedapi</artifactId>
<version>1.0.4</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.13.2</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>2.13.2</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.datatype</groupId>
<artifactId>jackson-datatype-joda</artifactId>
<version>2.13.2</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.datatype</groupId>
<artifactId>jackson-datatype-jsr310</artifactId>
<version>2.13.2</version>
</dependency>
<dependency>
<groupId>com.squareup.retrofit2</groupId>
<artifactId>converter-jackson</artifactId>
<version>2.9.0</version>
</dependency>
<dependency>
<groupId>com.plaid</groupId>
<artifactId>plaid-java</artifactId>
<version>11.2.0</version>
</dependency>
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.19.2</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
</dependency>
</dependencies>
<build>
<finalName>backend</finalName>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<includeSystemScope>true</includeSystemScope>
</configuration>
</plugin>
</plugins>
</build>
</project>
Is there someone faced the same issue? Thanks in advance
I changed my subscribe name to /user/${sessionId}/queue. This solved the issue.
I am using Spring-Boot, Spring-Data/JPA with Hazelcast client/server topology. I've been trying to use a MapStore as a Write-Behind buffer for my database through HazelcastRepository. My goal is to use a JpaRepository inside my MapStore to store sessions.
My current problem is that repository is not getting #Autowired, it always returns null.
Found this post about a similar situation, but it's not working because hazelcastClientInstance.getConfig().getManagedContext() is returning null.
Hazelcast configuration:
#Configuration
#EnableHazelcastRepositories(basePackages = {"com.xpto.database"})
#EnableJpaRepositories(basePackages = {"com.xpto.database"})
#ComponentScan(basePackages = {"com.xpto"})
public class HazelcastConfiguration {
#Bean
public SpringManagedContext managedContext() {
return new SpringManagedContext();
}
#Bean
HazelcastInstance hazelcastClientInstance(){
// Real all configuration from hazelcast-client file
ClientConfig clientConfig = null;
try {
clientConfig = new XmlClientConfigBuilder("hazelcast-client-config.xml").build().
setManagedContext(managedContext());
} catch (IOException e) {
e.printStackTrace();
}
return HazelcastClient.newHazelcastClient(clientConfig);
}
}
MapStore:
#SpringAware
public class SessionMapStore implements MapStore<String, Session>, MapLoaderLifecycleSupport {
private static final Logger LOGGER = LoggerFactory.getLogger(SessionMapStore.class);
#Autowired
private SessionsHCRepository sessionsHCRepository;
#Override
public void init(HazelcastInstance hazelcastClientInstance, Properties properties, String mapName) {
hazelcastClientInstance.getConfig().getManagedContext().initialize(this);
}
#Override
public void destroy() {
}
Repository:
#Repository
public interface SessionsHCRepository extends HazelcastRepository<SessionDB, String> {
}
pom file:
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.10.0</version>
</dependency>
<dependency>
<groupId>javax.validation</groupId>
<artifactId>validation-api</artifactId>
<version>2.0.1.Final</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.20</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.11.4</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.11.4</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-xml</artifactId>
<version>2.11.0</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-spring-boot-starter-jaxws</artifactId>
<version>3.2.1</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.12.0</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.15</version>
</dependency>
<dependency>
<groupId>org.apache.axis</groupId>
<artifactId>axis</artifactId>
<version>1.4</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.axis</groupId>
<artifactId>axis-jaxrpc</artifactId>
<version>1.4</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>wsdl4j</groupId>
<artifactId>wsdl4j</artifactId>
<version>1.6.2</version>
</dependency>
<dependency>
<groupId>javax.xml.rpc</groupId>
<artifactId>javax.xml.rpc-api</artifactId>
<version>1.1.2</version>
</dependency>
<dependency>
<groupId>commons-discovery</groupId>
<artifactId>commons-discovery</artifactId>
<version>0.5</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>com.oracle.database.jdbc</groupId>
<artifactId>ojdbc8</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>com.hazelcast</groupId>
<artifactId>hazelcast-all</artifactId>
<version>4.2.2</version>
</dependency>
<dependency>
<groupId>com.hazelcast</groupId>
<artifactId>spring-data-hazelcast</artifactId>
<version>1.0</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</dependency>
</dependencies>
I have a problem with my Spring Boot Soap Server, im using Spring WS, i have to return my files in attachments, i return a Datahandler to the listtype created by Jaxb, but i see in the response in soap ui, attachments 0, and return me the files in base64.
I dont know how to do this.
Can you help me.
Thanks so much.
My Configuration Bean is:
#Bean
public ServletRegistrationBean messageDispatcherServlet(ApplicationContext applicationContext) {
MessageDispatcherServlet servlet = new MessageDispatcherServlet();
servlet.setApplicationContext(applicationContext);
servlet.setTransformWsdlLocations(true);
return new ServletRegistrationBean(servlet, "/ws/services/*");
}
#Bean(name = "students")
public DefaultWsdl11Definition defaultWsdl11Definition(XsdSchema countriesSchema) {
DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
wsdl11Definition.setPortTypeName("StudentPort");
wsdl11Definition.setLocationUri("/ws/services/test");
wsdl11Definition.setTargetNamespace("http://www.example.org/demo/");
wsdl11Definition.setSchema(countriesSchema);
Properties props = new Properties();
props.put("getDemo", "http://www.example.org/demo/getDemoRequest");
wsdl11Definition.setSoapActions(props);
return wsdl11Definition;
}
#Bean
public XsdSchema countriesSchema() {
return new SimpleXsdSchema(new ClassPathResource("/it/xsd/demo.xsd"));
}
My endpoint have only these annotations:
#PayloadRoot(namespace = NAMESPACE_URI, localPart = "getDemoRequest")
#ResponsePayload
In my demo.xsd, i setted the fileType in
<element name="fileType" type="base64Binary" maxOccurs="unbounded" xmime:expectedContentTypes="application/octet-stream">
I havent xml configuration for now, i would like dont use any xml if it is not necessary in perfect style of Spring Boot.
Thanks so much.
UP:
My code to try enable MTOM.
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.oxm.jaxb.Jaxb2Marshaller;
import org.springframework.ws.config.annotation.WsConfigurerAdapter;
import org.springframework.ws.server.endpoint.adapter.method.MarshallingPayloadMethodProcessor;
import org.springframework.ws.server.endpoint.adapter.method.MethodArgumentResolver;
import java.util.List;
#Configuration
public class MTOMEnable extends WsConfigurerAdapter {
#Override
public void addArgumentResolvers(List<MethodArgumentResolver> argumentResolvers) {
argumentResolvers.add(methodProcessor());
}
#Bean
public Jaxb2Marshaller marshaller() {
Jaxb2Marshaller marshaller = new Jaxb2Marshaller();
marshaller.setClassesToBeBound(GetStudentsResponse.class);
marshaller.setMtomEnabled(true);
return marshaller;
}
#Bean
public MarshallingPayloadMethodProcessor methodProcessor() {
return new MarshallingPayloadMethodProcessor(marshaller());
}
}
POM
<dependencies>
<!-- SOAP DEPENDENCIES-->
<dependency>
<groupId>com.sun.xml.ws</groupId>
<artifactId>jaxws-rt</artifactId>
<version>2.3.2</version>
<type>pom</type>
</dependency>
<dependency>
<groupId>javax.xml.ws</groupId>
<artifactId>jaxws-api</artifactId>
<version>2.3.1</version>
</dependency>
<dependency>
<groupId>com.sun.xml.ws</groupId>
<artifactId>jaxws-ri</artifactId>
<version>2.3.2</version>
<type>pom</type>
</dependency>
<dependency>
<groupId>com.sun.org.apache.xml.internal</groupId>
<artifactId>resolver</artifactId>
<version>20050927</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web-services</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
<version>2.2.2.RELEASE</version>
</dependency>
<dependency>
<groupId>wsdl4j</groupId>
<artifactId>wsdl4j</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.9</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.13</version>
</dependency>
<!--<dependency>
<groupId>com.microsoft.sqlserver</groupId>
<artifactId>mssql-jdbc</artifactId>
<version>6.2.0.jre8</version>
<scope>runtime</scope>
</dependency>-->
<dependency>
<groupId>net.sourceforge.jtds</groupId>
<artifactId>jtds</artifactId>
<version>1.3.1</version>
</dependency>
<!-- https://mvnrepository.com/artifact/javax.xml.bind/jaxb-api -->
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.4.0-b180830.0359</version>
</dependency>
<!-- https://mvnrepository.com/artifact/javax.activation/activation -->
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<version>1.1.1</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.glassfish.jaxb/jaxb-runtime -->
<dependency>
<groupId>org.glassfish.jaxb</groupId>
<artifactId>jaxb-runtime</artifactId>
<version>2.4.0-b180830.0438</version>
</dependency>
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
<version>1.4</version> <!-- makesure you put a correct version here -->
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<scope>provided</scope>
</dependency>
</dependencies>
The problem is that the DefaultMethodEndpointAdapter bean adds our MTOM-enabled JAXB marshaller/unmarshaller to the END of the handlers' list. The trick is to override the DefaultMethodEndpointAdapter bean and put them FIRST. This way you don't even need to override the addArgumentResolvers().
The following is Kotlin but should be easy enough to convert to plain Java.
#Bean
override fun defaultMethodEndpointAdapter() = object: DefaultMethodEndpointAdapter() {
override fun initDefaultStrategies() {
super.initDefaultStrategies()
methodArgumentResolvers.add(0, methodProcessor()) // needs to be FIRST in list
methodReturnValueHandlers.add(0, methodProcessor()) // needs to be FIRST in list
}
}
You also need to make sure the relevant #RequestPayload and return params are JAXBELement<...>
I am trying to implement Oauth Security in Spring MVC.
this is my java based configuration :
public class HelloWorldConfiguration extends WebMvcConfigurerAdapter{
public void addResourceHandlers(final ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
}
#Bean
public DataSource dataSource() {
final JndiDataSourceLookup dsLookup = new JndiDataSourceLookup();
dsLookup.setResourceRef(true);
DataSource dataSource = dsLookup.getDataSource("jdbc/peoplecheck");
return dataSource;
}
#Bean
public InternalResourceViewResolver viewResolver() {
InternalResourceViewResolver viewResolver =
new InternalResourceViewResolver();
viewResolver.setViewClass(JstlView.class);
viewResolver.setPrefix("/WEB-INF/");
viewResolver.setSuffix(".jsp");
return viewResolver;
}
}
THis is my pom :
<properties>
<spring.version>4.1.2.RELEASE</spring.version>
<jackson.version>1.9.13</jackson.version>
<javax.validation.version>1.1.0.Final</javax.validation.version>
<springsecurity.version>4.1.1.RELEASE</springsecurity.version>
<springsecurityoauth2.version>2.0.10.RELEASE</springsecurityoauth2.version>
<jackson.library>2.7.5</jackson.library>
</properties>
<dependencies>
<dependency>
<groupId>javax.validation</groupId>
<artifactId>validation-api</artifactId>
<version>${javax.validation.version}</version>
</dependency>
<!-- <dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<scope>test</scope>
</dependency> -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>${spring.version}</version>
</dependency>
<!-- <dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.4.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.4.1.1</version>
</dependency> -->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${jackson.library}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-xml</artifactId>
<version>${jackson.library}</version>
</dependency>
<!-- Spring Security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${springsecurity.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${springsecurity.version}</version>
</dependency>
<!-- Spring Security OAuth2-->
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>${springsecurityoauth2.version}</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.6.1</version>
</dependency>
<dependency>
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
<version>1.5.0-b01</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.0</version>
</dependency>
<!-- test -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.7</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-all</artifactId>
<version>1.9.5</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-api-mockito</artifactId>
<version>1.5.1</version>
</dependency>
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-module-junit4</artifactId>
<version>1.5.1</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
<scope>test</scope>
</dependency>
I am using websphere application server. Whenever i try to run the application i get this exception and very confused what is missing.
if i go with only java based it works fine, while i need to implement in xml based or both as i cant change the entire project.
00000056 DispatcherSer E org.springframework.web.servlet.FrameworkServlet initServletBean Context initialization failed
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.NoClassDefFoundError: org.springframework.web.filter.CorsFilter
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:591)
... 109 more
Caused by: java.lang.NoClassDefFoundError: org.springframework.web.filter.CorsFilter
at org.springframework.security.config.annotation.web.builders.FilterComparator.<init>(FilterComparator.java:74)
at org.springframework.security.config.annotation.web.builders.HttpSecurity.<init>(HttpSecurity.java:121)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.getHttp(WebSecurityConfigurerAdapter.java:178)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:290)
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.init(WebSecurityConfigurerAdapter.java:67)
at org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerSecurityConfiguration$$EnhancerBySpringCGLIB$$91437efb.init(<generated>)
spring-security 4.1.1.RELEASE uses spring-framework version 4.3.1.RELEASE. Can you try updating your spring version?
http://docs.spring.io/spring-security/site/docs/4.1.1.RELEASE/reference/htmlsingle/#maven-bom
It seems your CorsFilter is not implemented properly. You should try this filter
public class CORSFilter extends OncePerRequestFilter {
private final Logger LOG = LoggerFactory.getLogger(CORSFilter.class);
#Override
protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws ServletException, IOException {
LOG.info("Adding CORS Headers ........................");
res.setHeader("Access-Control-Allow-Origin", "*");
res.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
res.setHeader("Access-Control-Max-Age", "3600");
res.setHeader("Access-Control-Allow-Headers", "X-PINGOTHER,Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization");
res.addHeader("Access-Control-Expose-Headers", "xsrf-token");
if ("OPTIONS".equals(req.getMethod())) {
res.setStatus(HttpServletResponse.SC_OK);
} else {
chain.doFilter(req, res);
}
}
}
You can refer to the working example Cross Origin Request Blocked
Hope this help.
I have REST API application running in Jetty + Jersey, all the requests will be filtered by some security filter,which is provided some excluded paths defined in config file. With old version Jersey 2.5 the API works fine, now i upgraded Jersey to 2.22.1, the excluded paths are subjected to filtering too and failed because no authentication token were provided.
here is my filter:
#Provider
#Priority(Priorities.AUTHENTICATION)
public class AuthenticationFilter extends AbstractAuthenticationFilter implements ContainerRequestFilter, DynamicFeature {
...
#Override
public void filter(ContainerRequestContext requestContext) throws IOException {
if (getExcludeUrlPatterns() != null) {
for (String urlPattern : getExcludeUrlPatterns()) {
Pattern p = Pattern.compile(urlPattern);
Matcher m = p.matcher(requestContext.getUriInfo().getPath()); <-- here went wrong
if (m.matches()) {
// skip filtering
}
}
}
// continue filtering.
}
}
here is my resource:
#Path("/version")
public class VersionResource {
...
#GET
#ResponseClass(AppVersion.class)
public Response getVersion() {
AppVersion version =
new AppVersion()
.withBuildPlan(BUILD_PLAN_SETTING)
.withBuildNumber(BUILD_NUMBER_SETTING)
.withBuildTimestamp(BUILD_TIMESTAMP_SETTING)
return Response.ok(version).build();
}
}
Excluded url paths:
/status,/status/?.*,/version,..
as I debugged the code, i noticed for an excluded request context "/myresources/version", requestContext.getUriInfo().getPath() return 'version', however the Pattern is like '/version', thus it doesn't match the pattern and continue the authentication process, and further failed. anyone understand why it works like this?
I use Jersey 2.22.1 and jetty-maven-plugin 9.2.1.v20140609, here is my pom.xml
<jersey.version>2.22.1</jersey.version>
<jetty.version>9.2.1.v20140609</jetty.version>
<dependency>
<groupId>javax.ws.rs</groupId>
<artifactId>javax.ws.rs-api</artifactId>
<version>2.0.1</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.containers</groupId>
<artifactId>jersey-container-servlet</artifactId>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-server</artifactId>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-client</artifactId>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-common</artifactId>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.connectors</groupId>
<artifactId>jersey-jetty-connector</artifactId>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.ext</groupId>
<artifactId>jersey-spring3</artifactId>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-json-jackson</artifactId>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-multipart</artifactId>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.connectors</groupId>
<artifactId>jersey-apache-connector</artifactId>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
<version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-webapp</artifactId>
<version>${jetty.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util</artifactId>
<version>${jetty.version}</version>
</dependency>