diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3f3f2cdd..f9825a42 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,7 +10,7 @@ jobs: runs-on: ${{ matrix.os }} strategy: matrix: - java: [ '8', '11', '17', '21', '25' ] + java: [ '11', '17', '21', '25' ] os: [ 'ubuntu-latest', 'macos-latest', 'windows-latest' ] fail-fast: false steps: @@ -172,7 +172,7 @@ jobs: file: ./Dockerfile-alpine build-args: | VERSION=${{ env.release_version }} - platforms: linux/amd64,linux/arm64/8, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le + platforms: linux/amd64, linux/arm64/8, linux/s390x, linux/ppc64le push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a2172f83..f7c26a16 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,7 +26,7 @@ jobs: - name: Set up Java for publishing to Maven Central Repository OSS uses: actions/setup-java@v4 with: - java-version: '8' + java-version: '11' distribution: 'temurin' server-id: ossrh server-username: MAVEN_USERNAME @@ -168,7 +168,7 @@ jobs: file: ./Dockerfile-alpine build-args: | VERSION=${{ github.event.inputs.releaseVersion }} - platforms: linux/amd64,linux/arm64/8, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le + platforms: linux/amd64, linux/arm64/8, linux/s390x, linux/ppc64le push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/Dockerfile-alpine b/Dockerfile-alpine index 4f87b031..bd79674a 100644 --- a/Dockerfile-alpine +++ b/Dockerfile-alpine @@ -1,6 +1,6 @@ -FROM openjdk:8-jre-alpine +FROM alpine:latest -MAINTAINER Open Identity Platform Community +LABEL org.opencontainers.image.authors="Open Identity Platform Community" ENV USER="openicf" ENV OPENICF_OPTS="-server -XX:+UseContainerSupport" @@ -11,7 +11,7 @@ WORKDIR /opt #COPY OpenICF-java-framework/openicf-zip/target/*.zip ./ -RUN apk add --update --no-cache --virtual builddeps curl unzip \ +RUN apk add --update --no-cache --virtual builddeps curl unzip openjdk11-jre \ && apk upgrade --update --no-cache \ && apk add bash \ && bash -c 'if [ ! -z "$VERSION" ] ; then rm -rf ./*.zip ; curl -L https://github.com/OpenIdentityPlatform/OpenICF/releases/download/$VERSION/openicf-$VERSION.zip --output openicf-$VERSION.zip ; fi' \ diff --git a/OpenICF-csvfile-connector/pom.xml b/OpenICF-csvfile-connector/pom.xml index d8cf3a01..c62865ba 100644 --- a/OpenICF-csvfile-connector/pom.xml +++ b/OpenICF-csvfile-connector/pom.xml @@ -22,7 +22,7 @@ org.openidentityplatform.openicf.connectors connectors-parent - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT ../OpenICF-java-framework/bundles-parent org.openidentityplatform.openicf.connectors diff --git a/OpenICF-databasetable-connector/pom.xml b/OpenICF-databasetable-connector/pom.xml index 2dd424c9..26082e29 100644 --- a/OpenICF-databasetable-connector/pom.xml +++ b/OpenICF-databasetable-connector/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.connectors connectors-parent - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT ../OpenICF-java-framework/bundles-parent org.openidentityplatform.openicf.connectors diff --git a/OpenICF-dbcommon/pom.xml b/OpenICF-dbcommon/pom.xml index 12fa8075..c252e6fa 100755 --- a/OpenICF-dbcommon/pom.xml +++ b/OpenICF-dbcommon/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT ../OpenICF-java-framework org.openidentityplatform.openicf.connectors.misc diff --git a/OpenICF-groovy-connector/pom.xml b/OpenICF-groovy-connector/pom.xml index 2f8397bf..b0bcf325 100644 --- a/OpenICF-groovy-connector/pom.xml +++ b/OpenICF-groovy-connector/pom.xml @@ -22,14 +22,14 @@ your own identifying information: "Portions Copyrighted [year] [name of copyright owner]" - Portions Copyrighted 2018-2024 3A Systems, LLC + Portions Copyrighted 2018-2025 3A Systems, LLC --> 4.0.0 org.openidentityplatform.openicf.connectors connectors-parent - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT ../OpenICF-java-framework/bundles-parent org.openidentityplatform.openicf.connectors @@ -236,6 +236,7 @@ 3.0.2 UTF-8 + 1.8 diff --git a/OpenICF-java-framework/bundles-parent/pom.xml b/OpenICF-java-framework/bundles-parent/pom.xml index b8cf3c48..714bb04e 100644 --- a/OpenICF-java-framework/bundles-parent/pom.xml +++ b/OpenICF-java-framework/bundles-parent/pom.xml @@ -28,7 +28,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT org.openidentityplatform.openicf.connectors connectors-parent diff --git a/OpenICF-java-framework/connector-framework-contract/pom.xml b/OpenICF-java-framework/connector-framework-contract/pom.xml index d533cebc..b7f98e67 100644 --- a/OpenICF-java-framework/connector-framework-contract/pom.xml +++ b/OpenICF-java-framework/connector-framework-contract/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT connector-framework-contract OpenICF Contract Tests diff --git a/OpenICF-java-framework/connector-framework-internal/pom.xml b/OpenICF-java-framework/connector-framework-internal/pom.xml index b1b28dbd..0dc42560 100644 --- a/OpenICF-java-framework/connector-framework-internal/pom.xml +++ b/OpenICF-java-framework/connector-framework-internal/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT connector-framework-internal bundle diff --git a/OpenICF-java-framework/connector-framework-osgi/pom.xml b/OpenICF-java-framework/connector-framework-osgi/pom.xml index 0ccd9990..c7428386 100644 --- a/OpenICF-java-framework/connector-framework-osgi/pom.xml +++ b/OpenICF-java-framework/connector-framework-osgi/pom.xml @@ -21,13 +21,15 @@ with the fields enclosed by brackets [] replaced by your own identifying information: "Portions Copyrighted [year] [name of copyright owner]" + + Portions Copyrighted 2025 3A Systems LLC. --> 4.0.0 org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT connector-framework-osgi bundle @@ -64,7 +66,6 @@ org.slf4j slf4j-api - ${slf4j.version} provided diff --git a/OpenICF-java-framework/connector-framework-protobuf/pom.xml b/OpenICF-java-framework/connector-framework-protobuf/pom.xml index c678f5e7..14d5d564 100644 --- a/OpenICF-java-framework/connector-framework-protobuf/pom.xml +++ b/OpenICF-java-framework/connector-framework-protobuf/pom.xml @@ -28,7 +28,7 @@ framework org.openidentityplatform.openicf.framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT 4.0.0 diff --git a/OpenICF-java-framework/connector-framework-rpc/pom.xml b/OpenICF-java-framework/connector-framework-rpc/pom.xml index 8c7c4438..90a25ead 100644 --- a/OpenICF-java-framework/connector-framework-rpc/pom.xml +++ b/OpenICF-java-framework/connector-framework-rpc/pom.xml @@ -28,7 +28,7 @@ framework org.openidentityplatform.openicf.framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT 4.0.0 diff --git a/OpenICF-java-framework/connector-framework-server/pom.xml b/OpenICF-java-framework/connector-framework-server/pom.xml index d4287e80..6eee102e 100644 --- a/OpenICF-java-framework/connector-framework-server/pom.xml +++ b/OpenICF-java-framework/connector-framework-server/pom.xml @@ -28,7 +28,7 @@ framework org.openidentityplatform.openicf.framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT 4.0.0 @@ -39,6 +39,7 @@ UTF-8 + [3.0,5) @@ -104,7 +105,6 @@ org.slf4j slf4j-api - ${slf4j.version} provided @@ -164,6 +164,22 @@ true + + org.glassfish.grizzly;version="${osgi.grizzly.version}", + org.glassfish.grizzly.asyncqueue;version="${osgi.grizzly.version}", + org.glassfish.grizzly.attributes;version="${osgi.grizzly.version}", + org.glassfish.grizzly.filterchain;version="${osgi.grizzly.version}", + org.glassfish.grizzly.http;version="${osgi.grizzly.version}", + org.glassfish.grizzly.http.util;version="${osgi.grizzly.version}", + org.glassfish.grizzly.nio.transport;version="${osgi.grizzly.version}", + org.glassfish.grizzly.ssl;version="${osgi.grizzly.version}", + org.glassfish.grizzly.strategies;version="${osgi.grizzly.version}", + org.glassfish.grizzly.threadpool;version="${osgi.grizzly.version}", + org.glassfish.grizzly.utils;version="${osgi.grizzly.version}", + org.glassfish.grizzly.websockets;version="${osgi.grizzly.version}", + org.glassfish.grizzly.websockets.frametypes;version="${osgi.grizzly.version}", + * + org.forgerock.openicf.framework.osgi.internal.Activator diff --git a/OpenICF-java-framework/connector-framework/pom.xml b/OpenICF-java-framework/connector-framework/pom.xml index 67ad8f1e..abb5e5c6 100644 --- a/OpenICF-java-framework/connector-framework/pom.xml +++ b/OpenICF-java-framework/connector-framework/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT connector-framework bundle diff --git a/OpenICF-java-framework/connector-server-grizzly/pom.xml b/OpenICF-java-framework/connector-server-grizzly/pom.xml index bb113ffd..c65f6a42 100644 --- a/OpenICF-java-framework/connector-server-grizzly/pom.xml +++ b/OpenICF-java-framework/connector-server-grizzly/pom.xml @@ -28,7 +28,7 @@ framework org.openidentityplatform.openicf.framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT 4.0.0 @@ -66,8 +66,8 @@ grizzly-websockets - javax.servlet - javax.servlet-api + jakarta.servlet + jakarta.servlet-api diff --git a/OpenICF-java-framework/connector-server-grizzly/src/main/java/org/forgerock/openicf/framework/server/ConnectorServer.java b/OpenICF-java-framework/connector-server-grizzly/src/main/java/org/forgerock/openicf/framework/server/ConnectorServer.java index d3dc192e..d611dd1b 100644 --- a/OpenICF-java-framework/connector-server-grizzly/src/main/java/org/forgerock/openicf/framework/server/ConnectorServer.java +++ b/OpenICF-java-framework/connector-server-grizzly/src/main/java/org/forgerock/openicf/framework/server/ConnectorServer.java @@ -20,6 +20,8 @@ * with the fields enclosed by brackets [] replaced by * your own identifying information: * "Portions Copyrighted [year] [name of copyright owner]" + * + * Portions Copyrighted 2025 3A Systems LLC. */ package org.forgerock.openicf.framework.server; @@ -106,7 +108,7 @@ public class ConnectorServer { "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_RSA_WITH_RC4_128_MD5", - "TLS_EMPTY_RENEGOTIATION_INFO_SCSVFo", // per RFC 5746 + "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", // per RFC 5746 }; // @formatter:on diff --git a/OpenICF-java-framework/connector-server-grizzly/src/main/java/org/forgerock/openicf/framework/server/grizzly/OpenICFWebSocketServlet.java b/OpenICF-java-framework/connector-server-grizzly/src/main/java/org/forgerock/openicf/framework/server/grizzly/OpenICFWebSocketServlet.java index 8a5766fa..dd6e5191 100644 --- a/OpenICF-java-framework/connector-server-grizzly/src/main/java/org/forgerock/openicf/framework/server/grizzly/OpenICFWebSocketServlet.java +++ b/OpenICF-java-framework/connector-server-grizzly/src/main/java/org/forgerock/openicf/framework/server/grizzly/OpenICFWebSocketServlet.java @@ -20,13 +20,15 @@ * with the fields enclosed by brackets [] replaced by * your own identifying information: * "Portions Copyrighted [year] [name of copyright owner]" + * + * Portions Copyrighted 2025 3A Systems LLC. */ package org.forgerock.openicf.framework.server.grizzly; -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; +import jakarta.servlet.ServletConfig; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServlet; import org.forgerock.openicf.framework.ConnectorFramework; import org.glassfish.grizzly.websockets.WebSocketEngine; diff --git a/OpenICF-java-framework/connector-server-jetty/pom.xml b/OpenICF-java-framework/connector-server-jetty/pom.xml index 2e2f90a0..b29b57f1 100644 --- a/OpenICF-java-framework/connector-server-jetty/pom.xml +++ b/OpenICF-java-framework/connector-server-jetty/pom.xml @@ -28,7 +28,7 @@ framework org.openidentityplatform.openicf.framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT 4.0.0 @@ -48,15 +48,25 @@ org.eclipse.jetty.websocket - websocket-server + websocket-jetty-server provided + + + + + - javax.servlet - javax.servlet-api - 3.1.0 + jakarta.servlet + jakarta.servlet-api provided + + + + + + @@ -121,7 +131,12 @@ false kill + 1 300 + -Dorg.eclipse.jetty.LEVEL=DEBUG + + + diff --git a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/Authenticator.java b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/Authenticator.java index effb6cd1..8cf51691 100644 --- a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/Authenticator.java +++ b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/Authenticator.java @@ -12,18 +12,19 @@ * information: "Portions copyright [year] [name of copyright owner]". * * Copyright 2016 ForgeRock AS. + * Portions copyright 2025 3A Systems LLC. */ package org.forgerock.openicf.framework.server.jetty; -import org.eclipse.jetty.websocket.servlet.ServletUpgradeRequest; -import org.eclipse.jetty.websocket.servlet.ServletUpgradeResponse; +import org.eclipse.jetty.websocket.server.JettyServerUpgradeRequest; +import org.eclipse.jetty.websocket.server.JettyServerUpgradeResponse; import javax.security.auth.callback.NameCallback; public interface Authenticator { - void authenticate(ServletUpgradeRequest request, ServletUpgradeResponse response, + void authenticate(JettyServerUpgradeRequest request, JettyServerUpgradeResponse response, NameCallback callback); } diff --git a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFListenerImpl.java b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFListenerImpl.java deleted file mode 100644 index 59d3c752..00000000 --- a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFListenerImpl.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. - * - * Copyright (c) 2015 ForgeRock AS. All rights reserved. - * - * The contents of this file are subject to the terms - * of the Common Development and Distribution License - * (the License). You may not use this file except in - * compliance with the License. - * - * You can obtain a copy of the License at - * http://forgerock.org/license/CDDLv1.0.html - * See the License for the specific language governing - * permission and limitations under the License. - * - * When distributing Covered Code, include this CDDL - * Header Notice in each file and include the License file - * at http://forgerock.org/license/CDDLv1.0.html - * If applicable, add the following below the CDDL Header, - * with the fields enclosed by brackets [] replaced by - * your own identifying information: - * "Portions Copyrighted [year] [name of copyright owner]" - */ - -package org.forgerock.openicf.framework.server.jetty; - -import org.eclipse.jetty.websocket.api.WebSocketPolicy; -import org.eclipse.jetty.websocket.common.events.EventDriver; -import org.eclipse.jetty.websocket.common.events.EventDriverImpl; -import org.forgerock.openicf.framework.remote.ConnectionPrincipal; - -public class OpenICFListenerImpl implements EventDriverImpl { - @Override - public EventDriver create(final Object websocket, WebSocketPolicy policy) { - return new WebSocketListenerBridge(policy, (ConnectionPrincipal) websocket); - } - - @Override - public String describeRule() { - return "class implements " + ConnectionPrincipal.class.getName(); - } - - @Override - public boolean supports(Object websocket) { - return (websocket instanceof ConnectionPrincipal); - } -} diff --git a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketCreator.java b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketCreator.java index 901d5bdd..c8c16229 100644 --- a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketCreator.java +++ b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketCreator.java @@ -12,6 +12,7 @@ * information: "Portions copyright [year] [name of copyright owner]". * * Copyright 2015-2016 ForgeRock AS. + * Portions copyright 2025 3A Systems LLC. */ package org.forgerock.openicf.framework.server.jetty; @@ -23,27 +24,24 @@ import java.util.concurrent.TimeUnit; import javax.security.auth.callback.NameCallback; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.eclipse.jetty.util.StringUtil; import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Logger; -import org.eclipse.jetty.websocket.servlet.ServletUpgradeRequest; -import org.eclipse.jetty.websocket.servlet.ServletUpgradeResponse; -import org.eclipse.jetty.websocket.servlet.WebSocketCreator; -import org.forgerock.openicf.common.protobuf.RPCMessages; +import org.eclipse.jetty.websocket.server.JettyServerUpgradeRequest; +import org.eclipse.jetty.websocket.server.JettyServerUpgradeResponse; +import org.eclipse.jetty.websocket.server.JettyWebSocketCreator; import org.forgerock.openicf.framework.ConnectorFramework; import org.forgerock.openicf.framework.client.RemoteWSFrameworkConnectionInfo; import org.forgerock.openicf.framework.remote.ConnectionPrincipal; import org.forgerock.openicf.framework.remote.OpenICFServerAdapter; import org.forgerock.openicf.framework.remote.rpc.OperationMessageListener; -import org.forgerock.openicf.framework.remote.rpc.RemoteOperationContext; import org.forgerock.openicf.framework.remote.rpc.WebSocketConnectionGroup; -import org.forgerock.openicf.framework.remote.rpc.WebSocketConnectionHolder; -public class OpenICFWebSocketCreator implements WebSocketCreator { +public class OpenICFWebSocketCreator implements JettyWebSocketCreator { - private static final Logger logger = Log.getLogger(WebSocketListenerBridge.class); + private static final Logger logger = Log.getLogger(OpenICFWebSocketCreator.class); protected final ConcurrentMap globalConnectionGroups = new ConcurrentHashMap(); @@ -78,7 +76,7 @@ public OpenICFWebSocketCreator(final ConnectorFramework connectorFramework, logger.info("Creating single 'anonymous' authenticator"); this.authenticator = new Authenticator() { @Override - public void authenticate(ServletUpgradeRequest request, ServletUpgradeResponse response, NameCallback callback) { + public void authenticate(JettyServerUpgradeRequest request, JettyServerUpgradeResponse response, NameCallback callback) { callback.setName(ConnectionPrincipal.DEFAULT_NAME); } }; @@ -99,7 +97,7 @@ public void run() { } @Override - public Object createWebSocket(ServletUpgradeRequest request, ServletUpgradeResponse response) { + public Object createWebSocket(JettyServerUpgradeRequest request, JettyServerUpgradeResponse response) { if (request.getSubProtocols().contains(RemoteWSFrameworkConnectionInfo.OPENICF_PROTOCOL)) { response.setAcceptedSubProtocol(RemoteWSFrameworkConnectionInfo.OPENICF_PROTOCOL); @@ -114,7 +112,7 @@ public Object createWebSocket(ServletUpgradeRequest request, ServletUpgradeRespo return null; } - protected void unauthorized(ServletUpgradeResponse response, String message) { + protected void unauthorized(JettyServerUpgradeResponse response, String message) { try { response.sendError( HttpServletResponse.SC_FORBIDDEN, @@ -124,7 +122,7 @@ protected void unauthorized(ServletUpgradeResponse response, String message) { } } - public ConnectionPrincipal authenticate(ServletUpgradeRequest request, ServletUpgradeResponse response) { + public ConnectionPrincipal authenticate(JettyServerUpgradeRequest request, JettyServerUpgradeResponse response) { NameCallback callback = new NameCallback("OpenICF user:>"); authenticator.authenticate(request, response, callback); if (StringUtil.isNotBlank(callback.getName())) { @@ -140,39 +138,4 @@ public ConnectionPrincipal authenticate(ServletUpgradeRequest request, Servle return null; } - public static class SinglePrincipal extends ConnectionPrincipal { - - - final String name; - final ConnectorFramework connectorFramework; - - public SinglePrincipal(final String name, - final OperationMessageListener listener, - final ConnectorFramework connectorFramework, - final ConcurrentMap globalConnectionGroups) { - super(listener, globalConnectionGroups); - this.name = name; - this.connectorFramework = connectorFramework; - } - - @Override - public String getName() { - return StringUtil.isBlank(name) ? super.getName() : name; - } - - public RemoteOperationContext handshake( - final WebSocketConnectionHolder webSocketConnection, - final RPCMessages.HandshakeMessage message) { - return super.handshake(webSocketConnection, message); - } - - protected void doClose() { - - } - - @Override - protected void onNewWebSocketConnectionGroup(final WebSocketConnectionGroup connectionGroup) { - connectorFramework.getServerManager(getName()).addWebSocketConnectionGroup(connectionGroup); - } - } } diff --git a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketServletBase.java b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketServletBase.java index 4fe4350c..2388b249 100644 --- a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketServletBase.java +++ b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketServletBase.java @@ -12,33 +12,35 @@ * information: "Portions copyright [year] [name of copyright owner]". * * Copyright 2015-2016 ForgeRock AS. + * Portions copyright 2025 3A Systems LLC. */ package org.forgerock.openicf.framework.server.jetty; import java.lang.reflect.Method; +import java.nio.ByteBuffer; import java.util.concurrent.Executors; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.ScheduledThreadPoolExecutor; import javax.security.auth.callback.NameCallback; -import javax.servlet.ServletConfig; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.ServletConfig; +import jakarta.servlet.http.HttpServletRequest; import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Logger; -import org.eclipse.jetty.websocket.server.WebSocketServerFactory; -import org.eclipse.jetty.websocket.servlet.ServletUpgradeRequest; -import org.eclipse.jetty.websocket.servlet.ServletUpgradeResponse; -import org.eclipse.jetty.websocket.servlet.WebSocketServlet; -import org.eclipse.jetty.websocket.servlet.WebSocketServletFactory; +import org.eclipse.jetty.websocket.api.WebSocketPingPongListener; +import org.eclipse.jetty.websocket.server.JettyServerUpgradeRequest; +import org.eclipse.jetty.websocket.server.JettyServerUpgradeResponse; +import org.eclipse.jetty.websocket.server.JettyWebSocketServlet; +import org.eclipse.jetty.websocket.server.JettyWebSocketServletFactory; import org.forgerock.openicf.framework.ConnectorFramework; import org.forgerock.openicf.framework.ConnectorFrameworkFactory; import org.forgerock.openicf.framework.remote.ReferenceCountedObject; import org.forgerock.util.Utils; import org.identityconnectors.common.StringUtil; -public class OpenICFWebSocketServletBase extends WebSocketServlet { +public class OpenICFWebSocketServletBase extends JettyWebSocketServlet { public static final String INIT_PARAM_CONNECTOR_FRAMEWORK_FACTORY_CLASS = "connector-framework-factory-class"; @@ -91,18 +93,8 @@ public void destroy() { } @Override - public void configure(WebSocketServletFactory factory) { + public void configure(JettyWebSocketServletFactory factory) { factory.setCreator(getWebsocketCreator()); - // To support onPing/onPong we need custom EventDriverFactory - WebSocketServerFactory serverFactory = ((WebSocketServerFactory) factory); - serverFactory.getEventDriverFactory().clearImplementations(); - serverFactory.getEventDriverFactory().addImplementation(new OpenICFListenerImpl()); - serverFactory.addSessionFactory(new OpenICFWebSocketSessionFactory(serverFactory)); - - String max = getInitParameter("maxAsyncWriteTimeout"); - if (max != null) { - factory.getPolicy().setAsyncWriteTimeout(Long.parseLong(max)); - } } protected ConnectorFramework getConnectorFramework() { @@ -205,7 +197,7 @@ public void setAttributeValue(HttpServletRequest httpRequest, String value) { } @Override - public void authenticate(ServletUpgradeRequest request, ServletUpgradeResponse response, NameCallback callback) { + public void authenticate(JettyServerUpgradeRequest request, JettyServerUpgradeResponse response, NameCallback callback) { Object value = request.getServletAttribute(attributeName); if (value instanceof String) { callback.setName((String) value); @@ -213,3 +205,7 @@ public void authenticate(ServletUpgradeRequest request, ServletUpgradeResponse r } } } + + + + diff --git a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketSessionFactory.java b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketSessionFactory.java deleted file mode 100644 index 50879c92..00000000 --- a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/OpenICFWebSocketSessionFactory.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. - * - * Copyright (c) 2015 ForgeRock AS. All rights reserved. - * - * The contents of this file are subject to the terms - * of the Common Development and Distribution License - * (the License). You may not use this file except in - * compliance with the License. - * - * You can obtain a copy of the License at - * http://forgerock.org/license/CDDLv1.0.html - * See the License for the specific language governing - * permission and limitations under the License. - * - * When distributing Covered Code, include this CDDL - * Header Notice in each file and include the License file - * at http://forgerock.org/license/CDDLv1.0.html - * If applicable, add the following below the CDDL Header, - * with the fields enclosed by brackets [] replaced by - * your own identifying information: - * "Portions Copyrighted [year] [name of copyright owner]" - */ - -package org.forgerock.openicf.framework.server.jetty; - -import org.eclipse.jetty.websocket.common.WebSocketSessionFactory; -import org.eclipse.jetty.websocket.common.events.EventDriver; -import org.eclipse.jetty.websocket.common.events.JettyAnnotatedEventDriver; -import org.eclipse.jetty.websocket.common.events.JettyListenerEventDriver; -import org.eclipse.jetty.websocket.common.scopes.WebSocketContainerScope; - -public class OpenICFWebSocketSessionFactory extends WebSocketSessionFactory { - public OpenICFWebSocketSessionFactory(WebSocketContainerScope containerScope) { - super(containerScope); - } - - /*public OpenICFWebSocketSessionFactory(SessionListener... sessionListeners) { - super(sessionListeners); - }*/ - - @Override - public boolean supports(final EventDriver websocket) { - return (websocket instanceof JettyAnnotatedEventDriver) - || (websocket instanceof JettyListenerEventDriver) - || (websocket instanceof WebSocketListenerBridge); - } -} diff --git a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/SinglePrincipal.java b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/SinglePrincipal.java new file mode 100644 index 00000000..1eca6ad8 --- /dev/null +++ b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/SinglePrincipal.java @@ -0,0 +1,229 @@ +/* + * The contents of this file are subject to the terms of the Common Development and + * Distribution License (the License). You may not use this file except in compliance with the + * License. + * + * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the + * specific language governing permission and limitations under the License. + * + * When distributing Covered Software, include this CDDL Header Notice in each file and include + * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL + * Header, with the fields enclosed by brackets [] replaced by your own identifying + * information: "Portions copyright [year] [name of copyright owner]". + * + * Copyright 2015-2016 ForgeRock AS. + * Portions copyright 2025 3A Systems LLC. + */ + + +package org.forgerock.openicf.framework.server.jetty; + +import org.eclipse.jetty.util.StringUtil; +import org.eclipse.jetty.util.log.Log; +import org.eclipse.jetty.util.log.Logger; +import org.eclipse.jetty.websocket.api.BatchMode; +import org.eclipse.jetty.websocket.api.Frame; +import org.eclipse.jetty.websocket.api.Session; +import org.eclipse.jetty.websocket.api.StatusCode; +import org.eclipse.jetty.websocket.api.WebSocketFrameListener; +import org.eclipse.jetty.websocket.api.WebSocketListener; +import org.eclipse.jetty.websocket.api.WebSocketPingPongListener; +import org.forgerock.openicf.common.protobuf.RPCMessages; +import org.forgerock.openicf.framework.ConnectorFramework; +import org.forgerock.openicf.framework.remote.ConnectionPrincipal; +import org.forgerock.openicf.framework.remote.rpc.OperationMessageListener; +import org.forgerock.openicf.framework.remote.rpc.RemoteOperationContext; +import org.forgerock.openicf.framework.remote.rpc.WebSocketConnectionGroup; +import org.forgerock.openicf.framework.remote.rpc.WebSocketConnectionHolder; +import org.forgerock.util.promise.Promises; +import org.identityconnectors.framework.common.exceptions.ConnectorIOException; + +import java.io.IOException; +import java.nio.ByteBuffer; +import java.util.concurrent.ConcurrentMap; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; +import java.util.concurrent.Future; + +public class SinglePrincipal extends ConnectionPrincipal implements + WebSocketPingPongListener, WebSocketListener, WebSocketFrameListener { + + + final String name; + final ConnectorFramework connectorFramework; + + public SinglePrincipal(final String name, + final OperationMessageListener listener, + final ConnectorFramework connectorFramework, + final ConcurrentMap globalConnectionGroups) { + super(listener, globalConnectionGroups); + this.name = name; + this.connectorFramework = connectorFramework; + } + + @Override + public String getName() { + return StringUtil.isBlank(name) ? super.getName() : name; + } + + public RemoteOperationContext handshake( + final WebSocketConnectionHolder webSocketConnection, + final RPCMessages.HandshakeMessage message) { + return super.handshake(webSocketConnection, message); + } + + protected void doClose() { + + } + + + @Override + protected void onNewWebSocketConnectionGroup(final WebSocketConnectionGroup connectionGroup) { + connectorFramework.getServerManager(getName()).addWebSocketConnectionGroup(connectionGroup); + } + + @Override + public void onWebSocketPing(ByteBuffer buffer) { + byte[] b = new byte[buffer.remaining()]; + buffer.get(b); + getConnectionPrincipal().getOperationMessageListener().onPing(adapter, b); + } + + @Override + public void onWebSocketPong(ByteBuffer buffer) { + byte[] b = new byte[buffer.remaining()]; + buffer.get(b); + getConnectionPrincipal().getOperationMessageListener().onPong(adapter, b); + } + + @Override + public void onWebSocketClose(int statusCode, String reason) { + if (hasCloseBeenCalled) { + return; + } + hasCloseBeenCalled = true; + getConnectionPrincipal().getOperationMessageListener().onClose(adapter, + statusCode, reason); + } + + Session session; + + @Override + public void onWebSocketConnect(Session session) { + WebSocketPingPongListener.super.onWebSocketConnect(session); + this.session = session; + getConnectionPrincipal().getOperationMessageListener().onConnect(adapter); + } + + Session getSession() { + return this.session; + } + + @Override + public void onWebSocketError(Throwable t) { + logger.debug("onError:", t); + getConnectionPrincipal().getOperationMessageListener().onError(t); + } + + @Override + public void onWebSocketBinary(byte[] payload, int offset, int len) { + logger.debug("onBinaryMessage('" + (null != payload ? payload.length : 0) + "')"); + getConnectionPrincipal().getOperationMessageListener().onMessage(adapter, payload); + } + + @Override + public void onWebSocketText(String message) { + logger.debug("onTextMessage('" + message + "')"); + getConnectionPrincipal().getOperationMessageListener().onMessage(adapter, message); + } + + @Override + public void onWebSocketFrame(Frame frame) { + logger.debug("onWebSocketFrame('" + frame + "')"); + } + + private static final Logger logger = Log.getLogger(SinglePrincipal.class); + private boolean hasCloseBeenCalled = false; + + private RemoteOperationContext context = null; + + private final WebSocketConnectionHolder adapter = new WebSocketConnectionHolder() { + + protected void handshake(RPCMessages.HandshakeMessage message) { + context = getConnectionPrincipal().handshake(this, message); + } + + public boolean isOperational() { + return getSession().isOpen(); + } + + public RemoteOperationContext getRemoteConnectionContext() { + return context; + } + + private final ExecutorService executorService = Executors.newFixedThreadPool(10); + + public Future sendBytes(byte[] data) { + if (isOperational()) { + return executorService.submit(() -> { + try { + getSession().getRemote().sendBytes(ByteBuffer.wrap(data)); + } catch (IOException e) { + throw new RuntimeException(e); + } + }); + } else { + return Promises.newExceptionPromise(new ConnectorIOException( + "Socket is not connected.")); + } + } + + public Future sendString(String data) { + if (isOperational()) { + return executorService.submit(() -> { + try { + getSession().getRemote().sendString(data); + } catch (IOException e) { + throw new RuntimeException(e); + } + }); + } else { + return Promises.newExceptionPromise(new ConnectorIOException( + "Socket is not connected.")); + } + } + + public void sendPing(byte[] applicationData) throws Exception { + if (isOperational()) { + getSession().getRemote().sendPing(ByteBuffer.wrap(applicationData)); + if (getSession().getRemote().getBatchMode() == BatchMode.ON) { + getSession().getRemote().flush(); + } + } else { + throw new ConnectorIOException("Socket is not connected."); + } + } + + public void sendPong(byte[] applicationData) throws Exception { + if (isOperational()) { + getSession().getRemote().sendPong(ByteBuffer.wrap(applicationData)); + if (getSession().getRemote().getBatchMode() == BatchMode.ON) { + getSession().getRemote().flush(); + } + } else { + throw new ConnectorIOException("Socket is not connected."); + } + } + + protected void tryClose() { + getSession().close(StatusCode.NORMAL, "TEST003"); + } + + }; + + protected ConnectionPrincipal getConnectionPrincipal() { + return this; + } + + +} diff --git a/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/WebSocketListenerBridge.java b/OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/WebSocketListenerBridge.java.disabled similarity index 100% rename from OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/WebSocketListenerBridge.java rename to OpenICF-java-framework/connector-server-jetty/src/main/java/org/forgerock/openicf/framework/server/jetty/WebSocketListenerBridge.java.disabled diff --git a/OpenICF-java-framework/connector-server-jetty/src/test/java/org/forgerock/openicf/framework/server/AsyncRemotePlainConnectorInfoManagerTest.java b/OpenICF-java-framework/connector-server-jetty/src/test/java/org/forgerock/openicf/framework/server/AsyncRemotePlainConnectorInfoManagerTest.java index b56c3c26..9c9e8091 100644 --- a/OpenICF-java-framework/connector-server-jetty/src/test/java/org/forgerock/openicf/framework/server/AsyncRemotePlainConnectorInfoManagerTest.java +++ b/OpenICF-java-framework/connector-server-jetty/src/test/java/org/forgerock/openicf/framework/server/AsyncRemotePlainConnectorInfoManagerTest.java @@ -12,6 +12,7 @@ * information: "Portions copyright [year] [name of copyright owner]". * * Copyright 2015-2016 ForgeRock AS. + * Portions copyright 2025 3A Systems LLC. */ package org.forgerock.openicf.framework.server; @@ -21,7 +22,9 @@ import java.net.URI; import java.net.URL; import java.net.URLDecoder; +import java.nio.charset.StandardCharsets; import java.util.Arrays; +import java.util.List; import java.util.concurrent.TimeUnit; import org.eclipse.jetty.http.HttpVersion; @@ -42,6 +45,8 @@ import org.eclipse.jetty.util.security.Constraint; import org.eclipse.jetty.util.security.Credential; import org.eclipse.jetty.util.ssl.SslContextFactory; +import org.eclipse.jetty.webapp.WebAppContext; +import org.eclipse.jetty.websocket.server.config.JettyWebSocketServletContainerInitializer; import org.forgerock.openicf.framework.AsyncConnectorInfoManagerTestBase; import org.forgerock.openicf.framework.ConnectorFramework; import org.forgerock.openicf.framework.ConnectorFrameworkFactory; @@ -50,7 +55,14 @@ import org.forgerock.openicf.framework.client.RemoteWSFrameworkConnectionInfo; import org.forgerock.openicf.framework.remote.ReferenceCountedObject; import org.forgerock.openicf.framework.server.jetty.OpenICFWebSocketServletBase; +import org.forgerock.util.Function; +import org.forgerock.util.promise.Promise; +import org.identityconnectors.common.StringUtil; +import org.identityconnectors.framework.api.APIConfiguration; +import org.identityconnectors.framework.api.ConfigurationProperties; +import org.identityconnectors.framework.api.ConnectorFacade; import org.identityconnectors.framework.api.ConnectorInfo; +import org.identityconnectors.framework.common.objects.ObjectClass; import org.identityconnectors.testconnector.TstConnector; import org.testng.Assert; import org.testng.ITestContext; @@ -110,7 +122,7 @@ private SecurityHandler getSecurityHandler() throws IOException { ConstraintSecurityHandler sh = new ConstraintSecurityHandler(); sh.setAuthenticator(new BasicAuthenticator()); - sh.setConstraintMappings(Arrays.asList(new ConstraintMapping[] { cm })); + sh.setConstraintMappings(List.of(cm)); HashLoginService loginService = new HashLoginService(); UserStore us=new UserStore(); @@ -123,7 +135,7 @@ private SecurityHandler getSecurityHandler() throws IOException { loginService.setUserStore(us); loginService.setName("OpenICF-Service"); sh.setLoginService(loginService); - sh.setConstraintMappings(Arrays.asList(new ConstraintMapping[] { cm })); + sh.setConstraintMappings(List.of(cm)); return sh; } @@ -147,7 +159,7 @@ protected void setupTest(ITestContext context) throws Exception { http.setIdleTimeout(30000); // HTTPS - SslContextFactory sslContextFactory = createSsllContextFactory(false); + SslContextFactory.Server sslContextFactory = createSsllContextFactory(false); // HTTPS Configuration HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); @@ -194,6 +206,8 @@ protected void setupTest(ITestContext context) throws Exception { handler.addServlet(holder, "/openicf/*"); + JettyWebSocketServletContainerInitializer.configure(handler, null); + SecurityHandler sh = getSecurityHandler(); sh.setHandler(handler); @@ -221,8 +235,8 @@ protected void shutdownTest(ITestContext context) throws Exception { Reporter.log("Jetty Server Stopped", true); } - private SslContextFactory createSsllContextFactory(boolean clientContext) { - final SslContextFactory sslContextFactory = new SslContextFactory(false); + private SslContextFactory.Server createSsllContextFactory(boolean clientContext) { + final SslContextFactory.Server sslContextFactory = new SslContextFactory.Server(); URL keystoreURL = AsyncRemotePlainConnectorInfoManagerTest.class.getClassLoader().getResource( diff --git a/OpenICF-java-framework/connector-server-jetty/src/test/java/org/forgerock/openicf/framework/server/OpenICFWebSocketServlet.java b/OpenICF-java-framework/connector-server-jetty/src/test/java/org/forgerock/openicf/framework/server/OpenICFWebSocketServlet.java index ff2e6631..a3ddeb1e 100644 --- a/OpenICF-java-framework/connector-server-jetty/src/test/java/org/forgerock/openicf/framework/server/OpenICFWebSocketServlet.java +++ b/OpenICF-java-framework/connector-server-jetty/src/test/java/org/forgerock/openicf/framework/server/OpenICFWebSocketServlet.java @@ -20,17 +20,17 @@ * with the fields enclosed by brackets [] replaced by * your own identifying information: * "Portions Copyrighted [year] [name of copyright owner]" + * + * Portions Copyrighted 2025 3A Systems LLC. */ package org.forgerock.openicf.framework.server; -import javax.servlet.annotation.WebServlet; - +import jakarta.servlet.annotation.WebServlet; import org.forgerock.openicf.framework.server.jetty.OpenICFWebSocketServletBase; @WebServlet(name = "OpenICF WebSocket Servlet", urlPatterns = { "/openicf" }) public class OpenICFWebSocketServlet extends OpenICFWebSocketServletBase { private static final long serialVersionUID = 1L; - } diff --git a/OpenICF-java-framework/connector-test-common/pom.xml b/OpenICF-java-framework/connector-test-common/pom.xml index 7baa4381..45f91fbb 100644 --- a/OpenICF-java-framework/connector-test-common/pom.xml +++ b/OpenICF-java-framework/connector-test-common/pom.xml @@ -28,7 +28,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT connector-test-common OpenICF Common Test Library diff --git a/OpenICF-java-framework/icfl-over-slf4j/pom.xml b/OpenICF-java-framework/icfl-over-slf4j/pom.xml index cc7f93f8..3d9bf2a8 100644 --- a/OpenICF-java-framework/icfl-over-slf4j/pom.xml +++ b/OpenICF-java-framework/icfl-over-slf4j/pom.xml @@ -21,13 +21,15 @@ with the fields enclosed by brackets [] replaced by your own identifying information: "Portions Copyrighted [year] [name of copyright owner]" + + Portions Copyrighted 2025 3A Systems LLC. --> 4.0.0 org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT icfl-over-slf4j bundle @@ -44,7 +46,6 @@ org.slf4j slf4j-api - ${slf4j.version} provided @@ -57,7 +58,6 @@ org.slf4j slf4j-jdk14 - ${slf4j.version} test diff --git a/OpenICF-java-framework/openicf-zip/pom.xml b/OpenICF-java-framework/openicf-zip/pom.xml index 4b8189e8..ba51ed25 100644 --- a/OpenICF-java-framework/openicf-zip/pom.xml +++ b/OpenICF-java-framework/openicf-zip/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT openicf-zip pom @@ -139,8 +139,8 @@ ${project.version} - javax.servlet - javax.servlet-api + jakarta.servlet + jakarta.servlet-api compile diff --git a/OpenICF-java-framework/openicf-zip/src/assembly/zip.xml b/OpenICF-java-framework/openicf-zip/src/assembly/zip.xml index 5bf5cf87..bfec5a88 100644 --- a/OpenICF-java-framework/openicf-zip/src/assembly/zip.xml +++ b/OpenICF-java-framework/openicf-zip/src/assembly/zip.xml @@ -94,7 +94,7 @@ org.codehaus.groovy.modules.http-builder:* org.openidentityplatform.openicf.connectors:ssh-connector:jar org.openidentityplatform.openicf.connectors:groovy-connector:jar - javax.servlet:* + jakarta.servlet:* diff --git a/OpenICF-java-framework/pom.xml b/OpenICF-java-framework/pom.xml index da450995..1bd80671 100644 --- a/OpenICF-java-framework/pom.xml +++ b/OpenICF-java-framework/pom.xml @@ -21,14 +21,15 @@ with the fields enclosed by brackets [] replaced by your own identifying information: "Portions Copyrighted [year] [name of copyright owner]" - Portions Copyrighted 2018-2024 3A Systems, LLC + + Portions Copyrighted 2018-2025 3A Systems, LLC --> 4.0.0 org.openidentityplatform openicf - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT org.openidentityplatform.openicf.framework framework @@ -52,8 +53,7 @@ Build-Jdk,Tool - 1.7.36 - 1.2.13 + 1.3.15 3.0.2 diff --git a/OpenICF-java-framework/testbundlev1/pom.xml b/OpenICF-java-framework/testbundlev1/pom.xml index 7185a14b..3c658ad4 100644 --- a/OpenICF-java-framework/testbundlev1/pom.xml +++ b/OpenICF-java-framework/testbundlev1/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT testbundlev1 OpenICF Common Test Library testbundlev1 diff --git a/OpenICF-java-framework/testbundlev2/pom.xml b/OpenICF-java-framework/testbundlev2/pom.xml index 03ed2ca0..02e12763 100644 --- a/OpenICF-java-framework/testbundlev2/pom.xml +++ b/OpenICF-java-framework/testbundlev2/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT testbundlev2 OpenICF Common Test Library testbundlev2 diff --git a/OpenICF-java-framework/testcommonv1/pom.xml b/OpenICF-java-framework/testcommonv1/pom.xml index 35459dbd..667ba1bc 100644 --- a/OpenICF-java-framework/testcommonv1/pom.xml +++ b/OpenICF-java-framework/testcommonv1/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT testcommonv1 OpenICF Common Test Library testcommonv1 diff --git a/OpenICF-java-framework/testcommonv2/pom.xml b/OpenICF-java-framework/testcommonv2/pom.xml index e8f7aafb..66c57b81 100644 --- a/OpenICF-java-framework/testcommonv2/pom.xml +++ b/OpenICF-java-framework/testcommonv2/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.framework framework - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT testcommonv2 OpenICF Common Test Library testcommonv2 diff --git a/OpenICF-kerberos-connector/pom.xml b/OpenICF-kerberos-connector/pom.xml index 31ce27bf..3ec5724c 100644 --- a/OpenICF-kerberos-connector/pom.xml +++ b/OpenICF-kerberos-connector/pom.xml @@ -13,14 +13,14 @@ * information: "Portions copyright [year] [name of copyright owner]". * * Copyright 2016 ForgeRock AS. -* Portions Copyrighted 2018-2024 3A Systems, LLC +* Portions Copyrighted 2018-2025 3A Systems, LLC --> 4.0.0 org.openidentityplatform.openicf.connectors connectors-parent - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT ../OpenICF-java-framework/bundles-parent kerberos-connector @@ -79,6 +79,7 @@ 3.0.2 UTF-8 + 1.8 diff --git a/OpenICF-ldap-connector/pom.xml b/OpenICF-ldap-connector/pom.xml index a1e201eb..28fee1c6 100755 --- a/OpenICF-ldap-connector/pom.xml +++ b/OpenICF-ldap-connector/pom.xml @@ -22,14 +22,14 @@ your own identifying information: "Portions Copyrighted [year] [name of copyright owner]" - Portions Copyrighted 2018-2024 3A Systems, LLC + Portions Copyrighted 2018-2025 3A Systems, LLC --> 4.0.0 org.openidentityplatform.openicf.connectors connectors-parent - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT ../OpenICF-java-framework/bundles-parent org.openidentityplatform.openicf.connectors @@ -60,6 +60,10 @@ package com.sun.jndi.ldap does not exist --> + + --add-exports + java.naming/com.sun.jndi.ldap=ALL-UNNAMED + diff --git a/OpenICF-maven-plugin/pom.xml b/OpenICF-maven-plugin/pom.xml index 7c05e944..a6a5df0c 100644 --- a/OpenICF-maven-plugin/pom.xml +++ b/OpenICF-maven-plugin/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform openicf - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT org.openidentityplatform.openicf openicf-maven-plugin diff --git a/OpenICF-ssh-connector/pom.xml b/OpenICF-ssh-connector/pom.xml index 1148686f..d63b5009 100644 --- a/OpenICF-ssh-connector/pom.xml +++ b/OpenICF-ssh-connector/pom.xml @@ -23,7 +23,7 @@ ~ your own identifying information: ~ "Portions Copyrighted [year] [name of copyright owner]" ~ - ~ Portions Copyrighted 2018-2024 3A Systems, LLC + ~ Portions Copyrighted 2018-2025 3A Systems, LLC --> @@ -31,7 +31,7 @@ org.openidentityplatform.openicf.connectors connectors-parent - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT ../OpenICF-java-framework/bundles-parent org.openidentityplatform.openicf.connectors @@ -94,7 +94,7 @@ ch.qos.logback logback-classic - 1.2.13 + ${logback.version} @@ -105,6 +105,7 @@ 3.0.2 UTF-8 + 1.8 diff --git a/OpenICF-xml-connector/pom.xml b/OpenICF-xml-connector/pom.xml index 068c2bc1..61085f60 100644 --- a/OpenICF-xml-connector/pom.xml +++ b/OpenICF-xml-connector/pom.xml @@ -27,7 +27,7 @@ org.openidentityplatform.openicf.connectors connectors-parent - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT ../OpenICF-java-framework/bundles-parent org.openidentityplatform.openicf.connectors diff --git a/README.md b/README.md index e578c4f0..5d55a0a2 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ This project is licensed under the [Common Development and Distribution License * [groovy-connector](https://github.com/OpenIdentityPlatform/OpenICF/releases) * [kerberos-connector](https://github.com/OpenIdentityPlatform/OpenICF/releases) -Java 1.8+ required +Java 11 or later required ## How-to build For windows use: diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..34f13e00 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,16 @@ +# Security Policy + +## Supported Versions + +Use this section to tell people about which versions of your project are +currently being supported with security updates. + +| Version | Java Versions Support | EE | Supported | +|---------|-----------------------|------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------| +| 2.x | 11 and later | Jakarta EE | :white_check_mark: Community support, [approved vendor support](https://github.com/OpenIdentityPlatform/.github/wiki/Approved-Vendor-List) | +| 1.6.x | 8 and later | Java EE | :white_check_mark: [Approved vendor support](https://github.com/OpenIdentityPlatform/.github/wiki/Approved-Vendor-List) | +| 1.5.x | 8 and later | Java EE | :white_check_mark: [Approved vendor support](https://github.com/OpenIdentityPlatform/.github/wiki/Approved-Vendor-List) | + +## Reporting a Vulnerability + +Please draft [security advisory](https://github.com/OpenIdentityPlatform/OpenICF/security/advisories/new) diff --git a/pom.xml b/pom.xml index 5dd54993..de08c11f 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 4.0.0 org.openidentityplatform openicf - 1.8.1-SNAPSHOT + 2.0.0-SNAPSHOT pom OpenICF @@ -38,8 +38,8 @@ 2018 https://github.com/OpenIdentityPlatform/OpenICF - 8 - 8 + 11 + 11 UTF-8 @@ -155,30 +155,6 @@ - - set-compiler-release - - [9,) - - - - - - org.apache.maven.plugins - maven-compiler-plugin - - true - 8 - - -XDignore.symbol.file - -Xlint:unchecked - - - - - - - jdk17.options @@ -201,7 +177,7 @@ org.openidentityplatform.opendj opendj-parent - 4.10.2 + 5.0.0-SNAPSHOT pom import @@ -297,6 +273,14 @@ org.apache.maven.plugins maven-compiler-plugin 3.13.0 + + true + ${maven.compiler.target} + + -XDignore.symbol.file + -Xlint:unchecked + + org.apache.maven.plugins @@ -347,7 +331,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.10.1 + 3.11.2 attach-javadocs @@ -359,6 +343,9 @@ none UTF-8 + + --add-exports java.naming/com.sun.jndi.ldap=ALL-UNNAMED +