-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SHIRO-889] Provide Jakarta jar modules #522
Conversation
Maybe we can user undertow? Switched to non-TLS for test purposes. fpapon/shiro@SHIRO-889...apache:shiro:SHIRO-889_undertow WDYT? |
Thank you! I will take a look :) |
434b15f
to
5d7e615
Compare
.../web-jakarta/src/test/java/org/apache/shiro/test/web/jakarta/JakartaAbstractContainerIT.java
Outdated
Show resolved
Hide resolved
|
||
// Dealing with a keystore is NOT fun, it's easier to script one with the keytool | ||
// see src/main/resources/createKeyStore.sh for more info | ||
private static File setupKeyStore() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This can be removed, as this test now uses http which is sufficient
samples/web-jakarta/src/test/java/org/apache/shiro/test/web/jakarta/WebContainerTest.java
Outdated
Show resolved
Hide resolved
samples/web-jakarta/src/test/java/org/apache/shiro/test/web/jakarta/WebContainerTest.java
Outdated
Show resolved
Hide resolved
Question: why is there separate packages to be renamed in the shade plugin ? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great! Just some nits and some imports, then it is close-to-done (imho)!
import org.junit.Test; | ||
import org.junit.jupiter.api.Assertions; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You are mixing junit4 and junit-jupiter assertions here. Please completely switch to -jupiter for all new tests.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
... or maybe even assertj
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
assertj is not needed :)
final Client client = ClientBuilder.newClient(); | ||
|
||
try { | ||
final Response loginPage = client.target(getBaseUri()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
response needs to be close()
d. However, you might be able to use auto-closeable. https://jakarta.ee/specifications/platform/8/apidocs/javax/ws/rs/core/response#close--
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
client is closed in finally so I don't think we need to close the response but I can close it also in finally.
final Cookie jsessionid = new Cookie("JSESSIONID",loginPage.getMetadata().get("Set-Cookie").get(0).toString().split(";")[0].split("=")[1]); | ||
Assertions.assertTrue(loginPage.readEntity(String.class).contains("loginform")); | ||
|
||
final Response loginAction = client.target(getBaseUri()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same. Needs close()
.
color: black; | ||
background: #eee; | ||
border: thick black solid; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line feed missing at end of file
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
weird because I copy/paste the web
module sample without modification...
--%> | ||
|
||
<%-- Forward the user to the home page --%> | ||
<jsp:forward page="home.jsp"/> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
line feed missing at EOF
<%@ page import="org.apache.shiro.SecurityUtils" %> | ||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> | ||
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %> | ||
<%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LF at EOF
<p><a href="<c:url value="/logout"/>" onclick="document.getElementById('logout_form').submit();return false;">Log out.</a></p> | ||
<form id="logout_form" action="<c:url value="/logout"/>" method="post"></form> | ||
</body> | ||
</html> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+LF
@bmarwell changes done |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm +0.5, I worry a little about the jakarta
classifier, as the exclude * will drop all of the dependencies (so the user would probably need to add the other bits like shiro-core to their pom)
But... that's not the end of the world, and other projects are doing the same thing (e.g. meecrowave)
I think getting it in as is and getting feedback from interested parties makes it worth merging now.
(given other projects are doing something similar, I'm hesitant to try to suggest an over-engineered solution 🤣 :)
TL;DR - my opinion is to merge it
Hi, yes but honestly I don't know how to do it differently without a lot of code... |
Releasing takes time and effort, which will happen, just not right now. |
@fpapon exactly my concern too! Let’s move forward with this PR 🚢 |
Thanks, now I will prepare a PR for 1.11.x |
Hello everyone. First of all, a huge thanks on the work to provide the Jakarta JARs. Looking in the 2.0.0 nightly snapshots, I was able to find the artifacts over the shiro-web and shiro-spring modules, but I couldn't find them in the shiro-spring-boot, shiro-spring-boot-starter and shiro-spring-boot-web-started. Isn't needed to create the jakarta variant JAR/POM on the Spring Boot modules as well? |
@lucasdillmann I don't think Shiro spring is compatible with Spring 6 or SpringBoot 3 quite yet. Not sure if those modules can be currently done. I am not a Spring user so I can't comment further. |
@lprimak Is there any way I could help you guys in order to check/test if it's compatible? For example, if I create a test project with some basic scenarios as a POC (using a Shiro fork just to change to the Jakarta APIs on the boot modules), will it be useful in any way? |
If it's only that Jakarta relocations are needed, you can try to add the shade plugin in your fork the same way other modules are done. That would be very helpful and appreciated! |
I'll do it and get back here with the results soon. As far I've seen in the source code, the changes come down to one single import change in this file (apart from the dependency graph between the modules). |
@lprimak I finished the tests here using Spring Boot 3.0.1, and everything seems to be working just fine. The source code of the test project is available here. I didn't uplod the changes in the Shiro source, but it is just the inclusion of the maven-shade-plugin in the shiro-spring-boot module. In short, these are the (exploratory) tests I've made:
The only "problem" I've found is in the dependency management: If you check the build.gradle file here you will see that I needed to explicitly include every module with the jakarta variant and exclude the regular one. This happens because of the POM file contents, which bring the regular JAR as transitive. I don't know if this is expected or not and, if it isn't, if it should be changed or not. |
Can you please submit a PR for this? Sounds like a simple fix. Yes, the dependency management issue is expected. |
Sure. PR code is #632. |
No description provided.