feat: Upgrade To Tomcat 10 - Meeds-io/MIPs#76

This change will fork PL IDM to maintain compatibility with Tomcat 10 until this is reworked with more modern framework after Meeds-io/MIPs#57 is reworked.

agent/pom.xml

@@ -2,7 +2,6 @@
 	<parent>
 		<groupId>org.exoplatform.gatein.sso</groupId>
 		<artifactId>sso-parent</artifactId>
-		<relativePath>../pom.xml</relativePath>
 		<version>6.6.x-mips-SNAPSHOT</version>
 	</parent>
 
@@ -17,17 +16,17 @@
 
 	<dependencies>
 		<dependency>
-			<groupId>org.exoplatform.gatein.sso</groupId>
+			<groupId>${project.groupId}</groupId>
 			<artifactId>sso-auth-callback</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>org.gatein.common</groupId>
-			<artifactId>common-common</artifactId>
+			<groupId>${project.groupId}</groupId>
+			<artifactId>sso-picketlink-saml</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>org.apache.tomcat</groupId>
-			<artifactId>tomcat-catalina</artifactId>
-			<scope>provided</scope>
+			<groupId>org.gatein.common</groupId>
+			<artifactId>common-common</artifactId>
+      <scope>provided</scope>
 		</dependency>
 		<dependency>
 			<groupId>org.exoplatform.core</groupId>
@@ -44,21 +43,6 @@
 			<artifactId>httpclient</artifactId>
 			<scope>provided</scope>
 		</dependency>
-    <dependency>
-      <groupId>org.jboss.security</groupId>
-      <artifactId>jboss-negotiation-spnego</artifactId>
-      <scope>provided</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.picketlink</groupId>
-      <artifactId>picketlink-federation</artifactId>
-      <scope>provided</scope>
-    </dependency>
-    <dependency>
-       <groupId>org.picketlink.distribution</groupId>
-       <artifactId>picketlink-wildfly8</artifactId>
-       <scope>provided</scope>
-    </dependency>
 		<dependency>
 			<groupId>org.mockito</groupId>
 			<artifactId>mockito-core</artifactId>

agent/src/main/java/org/gatein/sso/agent/GenericAgent.java

@@ -38,7 +38,7 @@
 import org.exoplatform.container.RootContainer;
 import org.exoplatform.services.organization.OrganizationService;
 
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 
 /**
  * Base agent superclass used by other SSO agents (CAS, OpenAM)

agent/src/main/java/org/gatein/sso/agent/filter/AbstractLogoutFilter.java

@@ -30,13 +30,13 @@
 import java.io.UnsupportedEncodingException;
 import java.util.Map;
 
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
 
 /**
  * @author <a href="mailto:[email protected]">Sohil Shah</a>

agent/src/main/java/org/gatein/sso/agent/filter/InitiateLoginFilter.java

@@ -5,9 +5,9 @@
 
 import java.io.IOException;
 
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.*;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang.StringUtils;
 import org.exoplatform.services.log.ExoLogger;

agent/src/main/java/org/gatein/sso/agent/filter/LoginRedirectFilter.java

@@ -27,12 +27,12 @@
 
 import java.io.IOException;
 
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 
 /**

agent/src/main/java/org/gatein/sso/agent/filter/OpenSSOCDLoginRedirectFilter.java

@@ -27,7 +27,7 @@
 import org.exoplatform.services.log.Log;
 import org.gatein.sso.agent.opensso.OpenSSOAgentImpl;
 
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 import java.io.UnsupportedEncodingException;
 import java.net.URLEncoder;
 import java.text.SimpleDateFormat;

agent/src/main/java/org/gatein/sso/agent/filter/OpenSSOLogoutFilter.java

@@ -22,7 +22,7 @@
 package org.gatein.sso.agent.filter;
 
 import java.net.URLEncoder;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 
 //Works for GateIn Portal Logout URL = {AnyURL}?portal:componentId=UIPortal&portal:action=Logout
 

agent/src/main/java/org/gatein/sso/agent/filter/PicketlinkSTSIntegrationFilter.java

@@ -33,11 +33,11 @@
 import org.jboss.security.client.SecurityClientFactory;
 
 import javax.security.auth.Subject;
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.security.AccessController;
 import java.security.PrivilegedAction;

agent/src/main/java/org/gatein/sso/agent/filter/api/AbstractSSOInterceptor.java

@@ -30,8 +30,8 @@
 import org.exoplatform.services.log.ExoLogger;
 import org.exoplatform.services.log.Log;
 
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
+import jakarta.servlet.FilterConfig;
+import jakarta.servlet.ServletException;
 
 /**
  * Base {@link SSOInterceptor} which adds possibility to be initialized either through Servlet API or through eXo kernel

agent/src/main/java/org/gatein/sso/agent/filter/api/SSOInterceptor.java

@@ -26,7 +26,7 @@
 import org.exoplatform.container.ExoContainerContext;
 import org.exoplatform.container.xml.InitParams;
 
-import javax.servlet.Filter;
+import jakarta.servlet.Filter;
 
 /**
  * SSOInterceptor is actually filter, which can be configured through exo kernel

agent/src/main/java/org/gatein/sso/agent/filter/api/SSOInterceptorInitializationContext.java

@@ -29,7 +29,7 @@
 import org.exoplatform.container.xml.InitParams;
 import org.exoplatform.container.xml.ValueParam;
 
-import javax.servlet.FilterConfig;
+import jakarta.servlet.FilterConfig;
 
 /**
  * Context, which encapsulates all initialization configuration about {@link SSOInterceptor} and is able to recognize

agent/src/main/java/org/gatein/sso/agent/login/SAML2IntegrationLoginModule.java

@@ -20,23 +20,26 @@
  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  */
-
 package org.gatein.sso.agent.login;
 
+import java.security.Principal;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginException;
+
+import org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule;
+
 import org.exoplatform.container.ExoContainer;
 import org.exoplatform.container.ExoContainerContext;
 import org.exoplatform.container.PortalContainer;
 import org.exoplatform.container.RootContainer;
+import org.exoplatform.services.log.ExoLogger;
+import org.exoplatform.services.log.Log;
 import org.exoplatform.services.security.Authenticator;
 import org.exoplatform.services.security.Identity;
 import org.exoplatform.services.security.UsernameCredential;
-import org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule;
-
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.login.LoginException;
-import java.security.Principal;
-import java.util.Map;
 
 /**
  * Login module for integration with GateIn. It's running on GateIn (SAML SP) side.
@@ -57,6 +60,8 @@ public class SAML2IntegrationLoginModule extends SAML2LoginModule
    // Default value is false, so we are preferring delegation to JbossLoginModule and using roles from portal DB.
    private static final String OPTION_USE_SAML_ROLES = "useSAMLRoles";
 
+   private static final Log     log                          = ExoLogger.getLogger(SAML2IntegrationLoginModule.class);
+
    private static final String[] ALL_VALID_OPTIONS =
    {
          OPTION_PORTAL_CONTAINER_NAME,
@@ -88,13 +93,11 @@ public void initialize(Subject subject, CallbackHandler callbackHandler, Map<Str
       String useSAMLRoles = (String)options.get(OPTION_USE_SAML_ROLES);
       this.useSAMLRoles = useSAMLRoles != null && "true".equals(useSAMLRoles);
 
-      if (log.isTraceEnabled())
-      {
-         log.trace("Using options: "
-               + OPTION_PORTAL_CONTAINER_NAME + "=" + this.portalContainerName
-               + ", " + OPTION_USE_SAML_ROLES + "=" + this.useSAMLRoles);
+      if (log.isTraceEnabled()) {
+        log.trace("Using options: " + OPTION_PORTAL_CONTAINER_NAME + "=" + this.portalContainerName + ", " +
+            OPTION_USE_SAML_ROLES + "=" + this.useSAMLRoles);
       }
-   }
+    }
 
    @Override
    public boolean login() throws javax.security.auth.login.LoginException 

agent/src/main/java/org/gatein/sso/agent/login/SSOLoginModule.java

@@ -27,7 +27,7 @@
 import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.login.LoginException;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 
 import org.exoplatform.services.log.ExoLogger;
 import org.exoplatform.services.log.Log;
@@ -152,7 +152,7 @@ protected HttpServletRequest getCurrentHttpServletRequest()
       {
          try
          {
-            request = (HttpServletRequest)getContextMethod.invoke(null, "javax.servlet.http.HttpServletRequest");
+            request = (HttpServletRequest)getContextMethod.invoke(null, "jakarta.servlet.http.HttpServletRequest");
          }
          catch(Throwable e)
          {

agent/src/main/java/org/gatein/sso/agent/opensso/OpenSSOAgent.java

@@ -23,8 +23,8 @@
 
 package org.gatein.sso.agent.opensso;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 /**
  * Contract for OpenSSO agent

agent/src/main/java/org/gatein/sso/agent/opensso/OpenSSOAgentImpl.java

@@ -35,9 +35,9 @@
 import org.exoplatform.services.log.Log;
 import org.gatein.sso.agent.GenericAgent;
 
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.ArrayList;

agent/src/main/java/org/gatein/sso/agent/saml/PortalSAML2LogOutHandler.java

@@ -34,10 +34,10 @@
 import org.picketlink.identity.federation.web.core.HTTPContext;
 import org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import org.picketlink.common.exceptions.ProcessingException;
-import javax.servlet.http.Cookie;
+import jakarta.servlet.http.Cookie;
 
 /**
  * Extension of {@link SAML2LogOutHandler} because we need to enforce WCI (crossContext) logout in portal environment.