This is an automated email from the ASF dual-hosted git repository.
lprimak pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/shiro.git
The following commit(s) were added to refs/heads/main by this push:
new 6f6cc13d0 bugfix: restored changes clobbered by previous merge
6f6cc13d0 is described below
commit 6f6cc13d0c226ef4580f21d5bda5a6e559f8ab93
Author: lprimak <[email protected]>
AuthorDate: Fri May 24 22:52:33 2024 -0500
bugfix: restored changes clobbered by previous merge
---
.github/workflows/codeql.yml | 8 ++++----
.github/workflows/maven.yml | 4 ++--
.github/workflows/scorecards.yml | 4 ++--
integration-tests/jakarta-ee/pom.xml | 2 +-
.../shiro/testing/jaxrs/tests/AbstractShiroJaxRsIT.java | 2 +-
pom.xml | 16 +++++++---------
samples/quickstart-guice/pom.xml | 2 +-
samples/quickstart/pom.xml | 2 +-
samples/spring-boot-3-web/pom.xml | 4 ++--
samples/spring/pom.xml | 2 +-
samples/web-jakarta/pom.xml | 2 +-
.../jaxrs/UnauthenticatedExceptionExceptionMapper.java | 4 ++--
.../web/jaxrs/UnauthorizedExceptionExceptionMapper.java | 6 +++---
.../UnauthorizedExceptionExceptionMapperTest.groovy | 6 +++---
14 files changed, 31 insertions(+), 33 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 9feb4ddb9..4d57f0fe5 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -60,7 +60,7 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b #
v4.1.5
+ uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 #
v4.1.6
- name: Cache local Maven repository
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 #v4.0.2
@@ -71,7 +71,7 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses:
github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4
+ uses:
github/codeql-action/init@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a
config file.
@@ -85,7 +85,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or
Java).
# If this step fails, then you should remove it and run the build
manually (see below)
- name: Autobuild
- uses:
github/codeql-action/autobuild@cdcdbb579706841c47f7063dda365e292e5cad7a #
v2.13.4
+ uses:
github/codeql-action/autobuild@9fdb3e49720b44c48891d036bb502feb25684276 #
v3.25.6
# âšī¸ Command-line programs to run using the OS shell.
# đ See
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -98,6 +98,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh
- name: Perform CodeQL Analysis
- uses:
github/codeql-action/analyze@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4
+ uses:
github/codeql-action/analyze@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
with:
category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index eb1ab1c46..ffa5d40bf 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -33,7 +33,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b #
v4.1.5
+ uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 #
v4.1.6
- name: Set up JDK
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 #
v4.2.1
@@ -77,7 +77,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b #
v4.1.5
+ uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 #
v4.1.6
- name: Set up JDK
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 #
v4.2.1
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 003db62da..fc0755816 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -42,7 +42,7 @@ jobs:
steps:
- name: "Checkout code"
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b #
tag=v3.0.0
+ uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 #
tag=v3.0.0
with:
persist-credentials: false
@@ -74,6 +74,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
- uses:
github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a
#tag=v2
+ uses:
github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276
#tag=v2
with:
sarif_file: results.sarif
diff --git a/integration-tests/jakarta-ee/pom.xml
b/integration-tests/jakarta-ee/pom.xml
index 23459c1e0..71e071260 100644
--- a/integration-tests/jakarta-ee/pom.xml
+++ b/integration-tests/jakarta-ee/pom.xml
@@ -349,7 +349,7 @@
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
- <version>3.2.0</version>
+ <version>3.3.0</version>
<configuration>
<executable>${project.build.directory}/dependency/payara5/bin/${asadmin.cmd}</executable>
<skip>${payara.start.skip}</skip>
diff --git
a/integration-tests/jaxrs/tests/src/main/java/org/apache/shiro/testing/jaxrs/tests/AbstractShiroJaxRsIT.java
b/integration-tests/jaxrs/tests/src/main/java/org/apache/shiro/testing/jaxrs/tests/AbstractShiroJaxRsIT.java
index 9758c9d66..888074fd4 100644
---
a/integration-tests/jaxrs/tests/src/main/java/org/apache/shiro/testing/jaxrs/tests/AbstractShiroJaxRsIT.java
+++
b/integration-tests/jaxrs/tests/src/main/java/org/apache/shiro/testing/jaxrs/tests/AbstractShiroJaxRsIT.java
@@ -58,7 +58,7 @@ public abstract class AbstractShiroJaxRsIT {
final Response usersResponse =
usersTarget.request(MediaType.APPLICATION_JSON_TYPE)
.buildGet()
.invoke();
- assertEquals(Status.FORBIDDEN.getStatusCode(),
usersResponse.getStatus());
+ assertEquals(Status.UNAUTHORIZED.getStatusCode(),
usersResponse.getStatus());
}
@SuppressWarnings({"checkstyle:MagicNumber"})
diff --git a/pom.xml b/pom.xml
index 446a0a050..8b692d540 100644
--- a/pom.xml
+++ b/pom.xml
@@ -91,7 +91,7 @@
<commons.collection.version>3.2.2</commons.collection.version>
<commons.configuration2.version>2.10.1</commons.configuration2.version>
<commons.lang3.version>3.14.0</commons.lang3.version>
- <commons.logging.version>1.3.1</commons.logging.version>
+ <commons.logging.version>1.3.2</commons.logging.version>
<commons.text.version>1.8</commons.text.version>
<!-- Don't change this version without also changing the shiro-ehcache
and shiro-features
modules' OSGi metadata: -->
@@ -110,7 +110,7 @@
<quartz.docs.version>2.3.0</quartz.docs.version>
<slf4j.version>2.0.13</slf4j.version>
<log4j.version>2.23.1</log4j.version>
- <spring.version>5.3.34</spring.version>
+ <spring.version>5.3.36</spring.version>
<spring-boot.version>2.7.18</spring-boot.version>
<guice.version>4.2.3</guice.version>
<jaxrs.api.version>2.1.6</jaxrs.api.version>
@@ -119,8 +119,8 @@
<!-- Test 3rd-party dependencies: -->
<easymock.version>5.2.0</easymock.version>
- <mockito.version>5.11.0</mockito.version>
- <bytebuddy.version>1.14.15</bytebuddy.version>
+ <mockito.version>5.12.0</mockito.version>
+ <bytebuddy.version>1.14.16</bytebuddy.version>
<gmaven.version>3.0.2</gmaven.version>
<groovy.version>4.0.21</groovy.version>
<junit.version>5.10.2</junit.version>
@@ -311,8 +311,6 @@
<link>https://docs.spring.io/spring/docs/${spring.version}/javadoc-api/</link>
<link>https://docs.spring.io/spring-boot/docs/${spring-boot.version}/api/</link>
<link>https://junit.org/junit5/docs/${junit.version}/api/</link>
- <link>https://easymock.org/api/</link>
-
<link>https://javadoc.io/doc/org.mockito/mockito-core/${mockito.version}/org/mockito/Mockito.html</link>
<link>https://www.quartz-scheduler.org/api/${quartz.docs.version}/</link>
</links>
</configuration>
@@ -389,7 +387,7 @@
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
- <version>3.5.0</version>
+ <version>3.6.0</version>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
@@ -399,7 +397,7 @@
<plugin>
<groupId>com.mycila</groupId>
<artifactId>license-maven-plugin</artifactId>
- <version>4.4</version>
+ <version>4.5</version>
<configuration>
<aggregate>true</aggregate>
<header>${root.dir}/src/license/header.txt</header>
@@ -433,7 +431,7 @@
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
- <version>9.1.0</version>
+ <version>9.2.0</version>
</plugin>
<plugin>
<groupId>com.github.siom79.japicmp</groupId>
diff --git a/samples/quickstart-guice/pom.xml b/samples/quickstart-guice/pom.xml
index d8d940a65..caaff5fb3 100644
--- a/samples/quickstart-guice/pom.xml
+++ b/samples/quickstart-guice/pom.xml
@@ -38,7 +38,7 @@
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
- <version>3.2.0</version>
+ <version>3.3.0</version>
<executions>
<execution>
<goals>
diff --git a/samples/quickstart/pom.xml b/samples/quickstart/pom.xml
index b91c60604..44c9dff4e 100644
--- a/samples/quickstart/pom.xml
+++ b/samples/quickstart/pom.xml
@@ -40,7 +40,7 @@
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
- <version>3.2.0</version>
+ <version>3.3.0</version>
<executions>
<execution>
<goals>
diff --git a/samples/spring-boot-3-web/pom.xml
b/samples/spring-boot-3-web/pom.xml
index 5f181bf78..6319a721e 100644
--- a/samples/spring-boot-3-web/pom.xml
+++ b/samples/spring-boot-3-web/pom.xml
@@ -35,9 +35,9 @@
<properties>
<module.name>samples.spring.boot3.web</module.name>
- <spring-boot3.version>3.2.3</spring-boot3.version>
+ <spring-boot3.version>3.2.6</spring-boot3.version>
<!-- below versions are not necessary in "real" applications -->
- <spring.version>6.1.5</spring.version>
+ <spring.version>6.1.8</spring.version>
</properties>
<dependencies>
diff --git a/samples/spring/pom.xml b/samples/spring/pom.xml
index cda3d4e5f..780e828cd 100644
--- a/samples/spring/pom.xml
+++ b/samples/spring/pom.xml
@@ -72,7 +72,7 @@
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
- <version>3.2.0</version>
+ <version>3.3.0</version>
<configuration>
<mainClass>org.apache.shiro.samples.spring.CliApp</mainClass>
</configuration>
diff --git a/samples/web-jakarta/pom.xml b/samples/web-jakarta/pom.xml
index 05a18d005..3c40b85de 100644
--- a/samples/web-jakarta/pom.xml
+++ b/samples/web-jakarta/pom.xml
@@ -33,7 +33,7 @@
<properties>
<meecrowave.version>1.2.15</meecrowave.version>
- <tomcat.version>10.1.23</tomcat.version>
+ <tomcat.version>10.1.24</tomcat.version>
<jacoco.skip>true</jacoco.skip>
</properties>
diff --git
a/support/jaxrs/src/main/java/org/apache/shiro/web/jaxrs/UnauthenticatedExceptionExceptionMapper.java
b/support/jaxrs/src/main/java/org/apache/shiro/web/jaxrs/UnauthenticatedExceptionExceptionMapper.java
index 9b5cd8df2..a576aa40c 100644
---
a/support/jaxrs/src/main/java/org/apache/shiro/web/jaxrs/UnauthenticatedExceptionExceptionMapper.java
+++
b/support/jaxrs/src/main/java/org/apache/shiro/web/jaxrs/UnauthenticatedExceptionExceptionMapper.java
@@ -29,7 +29,7 @@ import javax.ws.rs.ext.ExceptionMapper;
/**
* JAX-RS exception mapper used to map Shiro {@link UnauthenticatedException}
to HTTP status codes.
- * {@link UnauthenticatedException} will be mapped to 403.
+ * {@link UnauthenticatedException} will be mapped to 401.
*
* @since 1.4
*/
@@ -43,6 +43,6 @@ public class UnauthenticatedExceptionExceptionMapper
implements ExceptionMapper<
LOG.debug("unauthenticated.", exception);
}
- return Response.status(Status.FORBIDDEN).build();
+ return Response.status(Status.UNAUTHORIZED).build();
}
}
diff --git
a/support/jaxrs/src/main/java/org/apache/shiro/web/jaxrs/UnauthorizedExceptionExceptionMapper.java
b/support/jaxrs/src/main/java/org/apache/shiro/web/jaxrs/UnauthorizedExceptionExceptionMapper.java
index 1fecea9f4..113be09db 100644
---
a/support/jaxrs/src/main/java/org/apache/shiro/web/jaxrs/UnauthorizedExceptionExceptionMapper.java
+++
b/support/jaxrs/src/main/java/org/apache/shiro/web/jaxrs/UnauthorizedExceptionExceptionMapper.java
@@ -29,7 +29,7 @@ import javax.ws.rs.ext.ExceptionMapper;
/**
* JAX-RS exception mapper used to map Shiro {@link UnauthorizedException} to
HTTP status codes.
- * {@link UnauthorizedException} will be mapped to 401.
+ * {@link UnauthorizedException} will be mapped to 403.
*
* @since 1.4
*/
@@ -41,9 +41,9 @@ public class UnauthorizedExceptionExceptionMapper implements
ExceptionMapper<Una
public Response toResponse(UnauthorizedException exception) {
if (LOG.isDebugEnabled()) {
- LOG.debug("unauthenticated.", exception);
+ LOG.debug("unauthorized.", exception);
}
- return Response.status(Status.UNAUTHORIZED).build();
+ return Response.status(Status.FORBIDDEN).build();
}
}
diff --git
a/support/jaxrs/src/test/groovy/org/apache/shiro/web/jaxrs/UnauthorizedExceptionExceptionMapperTest.groovy
b/support/jaxrs/src/test/groovy/org/apache/shiro/web/jaxrs/UnauthorizedExceptionExceptionMapperTest.groovy
index 3235abca8..3e9ac3f1e 100644
---
a/support/jaxrs/src/test/groovy/org/apache/shiro/web/jaxrs/UnauthorizedExceptionExceptionMapperTest.groovy
+++
b/support/jaxrs/src/test/groovy/org/apache/shiro/web/jaxrs/UnauthorizedExceptionExceptionMapperTest.groovy
@@ -37,9 +37,9 @@ class UnauthorizedExceptionExceptionMapperTest {
@Test
void testUnauthorizedException() {
- doTest(new UnauthorizedException("expected test exception."),
Response.Status.UNAUTHORIZED, new UnauthorizedExceptionExceptionMapper())
- doTest(new HostUnauthorizedException("expected test exception."),
Response.Status.UNAUTHORIZED, new UnauthorizedExceptionExceptionMapper())
- doTest(new UnauthenticatedException("expected test exception."),
Response.Status.FORBIDDEN, new UnauthenticatedExceptionExceptionMapper())
+ doTest(new UnauthorizedException("expected test exception."),
Response.Status.FORBIDDEN, new UnauthorizedExceptionExceptionMapper())
+ doTest(new HostUnauthorizedException("expected test exception."),
Response.Status.FORBIDDEN, new UnauthorizedExceptionExceptionMapper())
+ doTest(new UnauthenticatedException("expected test exception."),
Response.Status.UNAUTHORIZED, new UnauthenticatedExceptionExceptionMapper())
}
private static void doTest(AuthorizationException exception,
Response.StatusType expectedStatus, ExceptionMapper<? extends Throwable>
exceptionMapper) {
