Closes #668: upgrade jetty/servlet-api/jersey

docs-web-common/pom.xml

@@ -6,7 +6,7 @@
     <groupId>com.sismics.docs</groupId>
     <artifactId>docs-parent</artifactId>
     <version>1.12-SNAPSHOT</version>
-    <relativePath>..</relativePath>
+    <relativePath>../pom.xml</relativePath>
   </parent>
   
   <modelVersion>4.0.0</modelVersion>
@@ -54,8 +54,8 @@
     </dependency>
   
     <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>javax.servlet-api</artifactId>
+      <groupId>jakarta.servlet</groupId>
+      <artifactId>jakarta.servlet-api</artifactId>
       <scope>provided</scope>
     </dependency>
 

docs-web-common/src/main/java/com/sismics/rest/exception/ClientException.java

@@ -1,12 +1,11 @@
 package com.sismics.rest.exception;
 
+import jakarta.ws.rs.WebApplicationException;
+import jakarta.ws.rs.core.Response;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import javax.json.Json;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.Response.Status;
+import jakarta.json.Json;
 
 /**
  * Jersey exception encapsulating an error from the client (BAD_REQUEST).
@@ -43,7 +42,7 @@ public class ClientException extends WebApplicationException {
      * @param message Human readable error message
      */
     public ClientException(String type, String message) {
-        super(Response.status(Status.BAD_REQUEST).entity(Json.createObjectBuilder()
+        super(Response.status(Response.Status.BAD_REQUEST).entity(Json.createObjectBuilder()
             .add("type", type)
             .add("message", message).build()).build());
     }

docs-web-common/src/main/java/com/sismics/rest/exception/ForbiddenClientException.java

@@ -1,9 +1,9 @@
 package com.sismics.rest.exception;
 
-import javax.json.Json;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.Response.Status;
+import jakarta.json.Json;
+import jakarta.ws.rs.WebApplicationException;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
 
 /**
  * Unauthorized access to the resource exception.

docs-web-common/src/main/java/com/sismics/rest/exception/ServerException.java

@@ -1,9 +1,9 @@
 package com.sismics.rest.exception;
 
-import javax.json.Json;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.Response.Status;
+import jakarta.json.Json;
+import jakarta.ws.rs.WebApplicationException;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

docs-web-common/src/main/java/com/sismics/rest/util/AclUtil.java

@@ -6,9 +6,9 @@ import com.sismics.docs.core.dao.AclDao;
 import com.sismics.docs.core.dao.dto.AclDto;
 import com.sismics.util.JsonUtil;
 
-import javax.json.Json;
-import javax.json.JsonArrayBuilder;
-import javax.json.JsonObjectBuilder;
+import jakarta.json.Json;
+import jakarta.json.JsonArrayBuilder;
+import jakarta.json.JsonObjectBuilder;
 import java.util.List;
 
 /**

docs-web-common/src/main/java/com/sismics/rest/util/RestUtil.java

@@ -6,8 +6,8 @@ import com.sismics.docs.core.util.FileUtil;
 import com.sismics.rest.exception.ServerException;
 import com.sismics.util.JsonUtil;
 
-import javax.json.Json;
-import javax.json.JsonObjectBuilder;
+import jakarta.json.Json;
+import jakarta.json.JsonObjectBuilder;
 import java.io.IOException;
 import java.nio.file.Files;
 

docs-web-common/src/main/java/com/sismics/util/filter/CorsFilter.java

@@ -2,9 +2,9 @@ package com.sismics.util.filter;
 
 import com.sismics.util.EnvironmentUtil;
 
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.*;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 
 /**

docs-web-common/src/main/java/com/sismics/util/filter/HeaderBasedSecurityFilter.java

@@ -4,8 +4,8 @@ import com.google.common.base.Strings;
 import com.sismics.docs.core.dao.UserDao;
 import com.sismics.docs.core.model.jpa.User;
 
-import javax.servlet.FilterConfig;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.FilterConfig;
+import jakarta.servlet.http.HttpServletRequest;
 
 /**
  * A header-based security filter that authenticates an user using the "X-Authenticated-User" request header as the user ID.

docs-web-common/src/main/java/com/sismics/util/filter/RequestContextFilter.java

@@ -6,6 +6,9 @@ import com.sismics.docs.core.util.TransactionUtil;
 import com.sismics.util.EnvironmentUtil;
 import com.sismics.util.context.ThreadLocalContext;
 import com.sismics.util.jpa.EMF;
+import jakarta.servlet.*;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.ws.rs.core.HttpHeaders;
 import org.apache.log4j.Level;
 import org.apache.log4j.PatternLayout;
 import org.apache.log4j.RollingFileAppender;
@@ -13,11 +16,8 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.slf4j.bridge.SLF4JBridgeHandler;
 
-import javax.persistence.EntityManager;
-import javax.persistence.EntityTransaction;
-import javax.servlet.*;
-import javax.servlet.http.HttpServletResponse;
-import javax.ws.rs.core.HttpHeaders;
+import jakarta.persistence.EntityManager;
+import jakarta.persistence.EntityTransaction;
 import java.io.IOException;
 import java.text.MessageFormat;
 

docs-web-common/src/main/java/com/sismics/util/filter/SecurityFilter.java

@@ -13,8 +13,8 @@ import org.joda.time.DateTimeZone;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.*;
+import jakarta.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.util.HashSet;
 import java.util.List;

docs-web-common/src/main/java/com/sismics/util/filter/TokenBasedSecurityFilter.java

@@ -5,8 +5,8 @@ import com.sismics.docs.core.dao.UserDao;
 import com.sismics.docs.core.model.jpa.AuthenticationToken;
 import com.sismics.docs.core.model.jpa.User;
 
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
 import java.text.MessageFormat;
 import java.util.Date;
 

docs-web-common/src/main/java/com/sismics/util/listener/IIOProviderContextListener.java

@@ -0,0 +1,78 @@
+package com.sismics.util.listener;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.imageio.ImageIO;
+import javax.imageio.spi.IIORegistry;
+import javax.imageio.spi.ServiceRegistry;
+import jakarta.servlet.ServletContext;
+import jakarta.servlet.ServletContextEvent;
+import jakarta.servlet.ServletContextListener;
+
+/**
+ * Takes care of registering and de-registering local ImageIO plugins (service providers) for the servlet context.
+ * <p>
+ * Registers all available plugins on {@code contextInitialized} event, using {@code ImageIO.scanForPlugins()}, to make
+ * sure they are available to the current servlet context.
+ * De-registers all plugins which have the {@link Thread#getContextClassLoader() current thread's context class loader}
+ * as its class loader on {@code contextDestroyed} event, to avoid class/resource leak.
+ * </p>
+ * Copied from: <a href="https://github.com/haraldk/TwelveMonkeys/blob/master/servlet/src/main/java/com/twelvemonkeys/servlet/image/IIOProviderContextListener.java">https://github.com/haraldk/TwelveMonkeys</a>
+ *
+ * @author <a href="mailto:harald.kuhr@gmail.com">Harald Kuhr</a>
+ * @author last modified by $Author: haraldk$
+ * @version $Id: IIOProviderContextListener.java,v 1.0 14.02.12 21:53 haraldk Exp$
+ * @see ImageIO#scanForPlugins()
+ */
+public final class IIOProviderContextListener implements ServletContextListener {
+    
+    public void contextInitialized(final ServletContextEvent event) {
+        event.getServletContext().log("Scanning for locally installed ImageIO plugin providers");
+
+        // Registers all locally available IIO plugins.
+        ImageIO.scanForPlugins();
+    }
+
+    public void contextDestroyed(final ServletContextEvent event) {
+        ServletContext servletContext = event.getServletContext();
+
+        // De-register any locally registered IIO plugins. Relies on each web app having its own context class loader.
+        LocalFilter localFilter = new LocalFilter(Thread.currentThread().getContextClassLoader()); // scanForPlugins uses context class loader
+
+        IIORegistry registry = IIORegistry.getDefaultInstance();
+        Iterator<Class<?>> categories = registry.getCategories();
+
+        while (categories.hasNext()) {
+            deregisterLocalProvidersForCategory(registry, localFilter, categories.next(), servletContext);
+        }
+    }
+
+    private static <T> void deregisterLocalProvidersForCategory(IIORegistry registry, LocalFilter localFilter, Class<T> category, ServletContext context) {
+        Iterator<T> providers = registry.getServiceProviders(category, localFilter, false);
+
+        // Copy the providers, as de-registering while iterating over providers will lead to ConcurrentModificationExceptions.
+        List<T> providersCopy = new ArrayList<>();
+        while (providers.hasNext()) {
+            providersCopy.add(providers.next());
+        }
+
+        for (T provider : providersCopy) {
+            registry.deregisterServiceProvider(provider, category);
+            context.log(String.format("Unregistered locally installed provider class: %s", provider.getClass()));
+        }
+    }
+
+    static class LocalFilter implements ServiceRegistry.Filter {
+        private final ClassLoader loader;
+
+        public LocalFilter(ClassLoader loader) {
+            this.loader = loader;
+        }
+
+        public boolean filter(Object provider) {
+            return provider.getClass().getClassLoader() == loader;
+        }
+    }
+}

docs-web-common/src/test/java/com/sismics/docs/rest/BaseJerseyTest.java

@@ -20,8 +20,8 @@ import org.subethamail.wiser.WiserMessage;
 
 import javax.mail.MessagingException;
 import javax.mail.internet.MimeMessage;
-import javax.ws.rs.core.Application;
-import javax.ws.rs.core.UriBuilder;
+import jakarta.ws.rs.core.Application;
+import jakarta.ws.rs.core.UriBuilder;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.net.URI;
@@ -90,7 +90,7 @@ public abstract class BaseJerseyTest extends JerseyTest {
 
         httpServer = HttpServer.createSimpleServer(getClass().getResource("/").getFile(), "localhost", getPort());
         WebappContext context = new WebappContext("GrizzlyContext", "/docs");
-        context.addListener("com.twelvemonkeys.servlet.image.IIOProviderContextListener");
+        context.addListener("com.sismics.util.listener.IIOProviderContextListener");
         context.addFilter("requestContextFilter", RequestContextFilter.class)
                 .addMappingForUrlPatterns(null, "/*");
         context.addFilter("tokenBasedSecurityFilter", TokenBasedSecurityFilter.class)

docs-web-common/src/test/java/com/sismics/docs/rest/util/ClientUtil.java

@@ -8,13 +8,13 @@ import org.glassfish.jersey.media.multipart.MultiPartFeature;
 import org.glassfish.jersey.media.multipart.file.StreamDataBodyPart;
 import org.junit.Assert;
 
-import javax.json.JsonObject;
-import javax.ws.rs.client.Entity;
-import javax.ws.rs.client.WebTarget;
-import javax.ws.rs.core.Form;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.NewCookie;
-import javax.ws.rs.core.Response;
+import jakarta.json.JsonObject;
+import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.client.WebTarget;
+import jakarta.ws.rs.core.Form;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.NewCookie;
+import jakarta.ws.rs.core.Response;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URISyntaxException;