Merge pull request #3062 from NationalSecurityAgency/t#3058/upgrade_s…

…pring_boot

T#3058/upgrade spring boot

pom.xml

@@ -32,9 +32,12 @@
         <guava.version>29.0-jre</guava.version>
 
         <!-- !!!!!IMPORTANT!!!!!: when changing the springboot.version property, make sure you also change it in the spring-boot-starter-parent definition -->
-        <springboot.version>3.2.12</springboot.version>
+        <springboot.version>3.4.1</springboot.version>
         <springcloud.version>3.1.1</springcloud.version>
 
+        <logback.version>1.5.15</logback.version>
+        <logback-access.version>2.0.5</logback-access.version>
+
         <greenmail.version>2.0.0</greenmail.version>
         <wiremock.version>2.27.2</wiremock.version>
         <owasp.encoder.version>1.2.3</owasp.encoder.version>
@@ -53,7 +56,7 @@
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
         <!-- !!!!!IMPORTANT!!!!!: when changing this version make sure to also update springboot.version property -->
-        <version>3.2.12</version>
+        <version>3.4.1</version>
         <relativePath/>
     </parent>
 

service/pom.xml

@@ -182,8 +182,14 @@
         </dependency>
 
         <dependency>
-            <groupId>ch.qos.logback</groupId>
-            <artifactId>logback-access</artifactId>
+            <groupId>ch.qos.logback.access</groupId>
+            <artifactId>logback-access-common</artifactId>
+            <version>${logback-access.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>ch.qos.logback.access</groupId>
+            <artifactId>logback-access-tomcat</artifactId>
+            <version>${logback-access.version}</version>
         </dependency>
 
         <dependency>
@@ -613,10 +619,12 @@
                                 <licenseMerge>The Apache Software License, Version 2.0|Apache License, version 2.0</licenseMerge>
                                 <licenseMerge>The Apache Software License, Version 2.0|Apache License 2.0</licenseMerge>
                                 <licenseMerge>The Apache Software License, Version 2.0|The Apache Software License, version 2.0</licenseMerge>
+                                <licenseMerge>The Apache Software License, Version 2.0|Apache License Version 2.0</licenseMerge>
                                 <licenseMerge>The MIT License|The MIT License (MIT)</licenseMerge>
                                 <licenseMerge>The MIT License|MIT License</licenseMerge>
                                 <licenseMerge>The MIT License|MIT license</licenseMerge>
                                 <licenseMerge>The MIT License|MIT-0</licenseMerge>
+                                <licenseMerge>The MIT License|MIT</licenseMerge>
                                 <licenseMerge>The GNU General Public License (GPL) Version 2 with the Classpath Exception|GPL2 w/ CPE</licenseMerge>
                                 <licenseMerge>Eclipse Public License - Version 1.0|Eclipse Public License - v 1.0|EPL 1.0</licenseMerge>
                                 <licenseMerge>Eclipse Public License - Version 2.0|Eclipse Public License - v 2.0</licenseMerge>

service/src/main/java/skills/TomcatConfig.groovy

@@ -15,8 +15,8 @@
  */
 package skills
 
-import ch.qos.logback.access.pattern.AccessConverter
-import ch.qos.logback.access.spi.IAccessEvent
+import ch.qos.logback.access.common.pattern.AccessConverter
+import ch.qos.logback.access.common.spi.IAccessEvent
 import ch.qos.logback.access.tomcat.LogbackValve
 import org.apache.catalina.connector.Connector
 import org.apache.coyote.http2.Http2Protocol
@@ -97,7 +97,7 @@ class TomcatConfig implements WebServerFactoryCustomizer<TomcatServletWebServerF
             }
         }
 
-        private String getSubjectDN(IAccessEvent accessEvent) {
+        private static String getSubjectDN(IAccessEvent accessEvent) {
             def certificateAttr = accessEvent.getRequest().getAttribute(CERT_HEADER)
             if (certificateAttr instanceof X509Certificate) {
                 return certificateAttr?.getSubjectX500Principal()?.name

service/src/main/java/skills/controller/exceptions/RestExceptionHandler.groovy

@@ -169,7 +169,7 @@ class RestExceptionHandler extends ResponseEntityExceptionHandler {
         return new ResponseEntity(body, HttpStatus.FORBIDDEN)
     }
 
-    @ExceptionHandler(AsyncRequestNotUsableException)
+    @Override
     protected ResponseEntity<Object> handleAsyncRequestNotUsableException(AsyncRequestNotUsableException ex, WebRequest request) {
         if (log.isTraceEnabled()) {
             log.trace("Received AsyncRequestNotUsableException", ex)

service/src/main/resources/application.yml

@@ -63,6 +63,9 @@ spring:
       location: ${java.io.tmpdir}
       max-file-size: ${skills.config.maxAttachmentSize}
       max-request-size: ${skills.config.maxAttachmentSize}
+#  http:
+#    client:
+#      factory: simple
 management:
   server:
     port: 8808

service/src/test/java/skills/intTests/utils/RestTemplateWrapper.groovy

@@ -88,8 +88,11 @@ class RestTemplateWrapper extends RestTemplate {
             HttpHeaders headers = response.getHeaders();
 
             List<String> returnedCookies = headers.getOrEmpty(HttpHeaders.SET_COOKIE)
-            if (returnedCookies && cookies == null) {
-                cookies = returnedCookies
+            if (returnedCookies /*&& cookies == null*/) {
+                if (cookies == null) {
+                    cookies = []
+                }
+                cookies.addAll(returnedCookies)
                 log.info("Setting cookies to {}", returnedCookies)
             }
             if (returnedCookies && !xsrfToken) {