diff --git a/changelog.txt b/changelog.txt
index 31eaaf0748f2f018c93ea51628eb11fe664db74a..5b221f6e8530d5e8fba13fbae287265a88f0e6a7 100644
--- a/changelog.txt
+++ b/changelog.txt
@@ -15,4 +15,5 @@ Domibus 4.2
smp.sso.cas.token.validation.urlpath: The CAS URL path for login. Complete URL is composed from parameters: ${smp.sso.cas.url}/${smp.sso.cas.urlpath.token.validation}.
smp.sso.cas.token.validation.params: The CAS token validation key:value properties separated with '|'.Ex: 'acceptStrengths:BASIC,CLIENT_CERT|assuranceLevel:TOP'
smp.sso.cas.token.validation.groups: The '|' separated CAS groups user must belong to.
+ smp.http.httpStrictTransportSecurity.maxAge: How long(in seconds) HSTS should last in the browser's cache(default one year)
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 6ac20221ba0f2b82e36acf743ec80fbd3cc92927..00f83f505b4648343bfc1f6466a7937da514dc52 100644
--- a/pom.xml
+++ b/pom.xml
@@ -12,7 +12,7 @@
~ See the Licence for the specific language governing permissions and limitations under the Licence.
-->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>eu.europa.ec</groupId>
@@ -22,34 +22,81 @@
<version>4.2-SNAPSHOT</version>
<modules>
- <module>smp-parent-pom</module>
+ <!-- module>smp-parent-pom</module -->
<module>smp-api</module>
- <module>smp-angular</module>
+ <!-- module>smp-angular</module -->
<module>smp-server-library</module>
<module>smp-webapp</module>
</modules>
<properties>
+ <!-- Only selected modules are deployed -->
<maven.deploy.skip>true</maven.deploy.skip>
- <project.scm.id>edelivery-scm</project.scm.id>
+ <edelivery.ssl-auth.version>1.8</edelivery.ssl-auth.version>
+
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <ant-commons-net.version>1.6.5</ant-commons-net.version>
+ <aspectj.version>1.8.6</aspectj.version>
+ <bdmsl.api.version>4.1.0</bdmsl.api.version>
+ <bouncycastle.version>1.69</bouncycastle.version>
+ <build.helper.maven.version>1.9.1</build.helper.maven.version>
+ <commons-beanutils.version>1.9.4</commons-beanutils.version>
+ <commons-collections.version>3.2.2</commons-collections.version>
+ <commons-io.version>2.4</commons-io.version>
+ <commons-lang3.version>3.12.0</commons-lang3.version>
+ <commons-net.version>1.4.1</commons-net.version>
+ <commons-validator.version>1.7</commons-validator.version>
+ <cxf-xjc-runtime.version>3.2.0</cxf-xjc-runtime.version>
+ <cxf.version>3.4.5</cxf.version>
+ <dnsjava.version>2.1.7</dnsjava.version>
+ <ehcache.version>2.10.6</ehcache.version>
+ <guava.version>24.1.1-jre</guava.version>
+ <h2.version>1.4.187</h2.version>
+ <hamcrest.version>2.0.0.0</hamcrest.version>
+ <hibernate-jpa.version>1.0.2.Final</hibernate-jpa.version>
+ <hibernate.validator.version>7.0.1.Final</hibernate.validator.version>
+ <hibernate.version>5.5.7.Final</hibernate.version>
+ <httpclient.version>4.5.13</httpclient.version>
+ <jackson.version>2.13.0</jackson.version>
+ <javaee-api.version>7.0</javaee-api.version>
+ <javax.annotation.version>1.3.2</javax.annotation.version>
+ <jaxb.version>2.2.11</jaxb.version>
+ <jaxb2-basics.version>1.11.1</jaxb2-basics.version>
+ <jstl.version>1.2</jstl.version>
+ <junit.version>4.12</junit.version>
+ <junitparams.version>1.0.5</junitparams.version>
+ <logback.version>1.2.10</logback.version>
+ <metro.version>2.2.1-1</metro.version>
+ <mockito.version>2.23.4</mockito.version>
+ <orika.version>1.4.6</orika.version>
+ <servlet-api.version>3.0.1</servlet-api.version>
+ <slf4j.version>1.7.32</slf4j.version>
+ <soapui.plugin.version>5.1.2</soapui.plugin.version>
+ <spring-modules-jakarta-commons.version>0.8</spring-modules-jakarta-commons.version>
+ <spring.boot.version>2.6.3</spring.boot.version>
+ <spring.security.version>5.6.1</spring.security.version>
+ <spring.version>5.3.15</spring.version>
+ <xmlunit.version>2.5.1</xmlunit.version>
+
+ <!-- jacoco, sonar code coverage settings start -->
+ <sonar.java.coveragePlugin>jacoco</sonar.java.coveragePlugin>
+ <sonar.jacoco.reportPath>${maven.multiModuleProjectDirectory}/code-coverage/jacoco-ut.exec
+ </sonar.jacoco.reportPath>
+ <sonar.jacoco.itReportPath>${maven.multiModuleProjectDirectory}/code-coverage/jacoco-it.exec
+ </sonar.jacoco.itReportPath>
+ <sonar.language>java</sonar.language>
+
<sonar.host.url>http://localhost:9000/sonar/</sonar.host.url>
<sonar.exclusions>**/smp/data/model/*,**/smp/data/ui/*, **/smp/ui/exception/*,**/smp/services/ui/filters/*,
**/smp/exceptions/*, **/smp/data/ui/enums/*, **/to_be_removed/*
</sonar.exclusions>
- <sonar.language>java</sonar.language>
- <!-- jacoco remote agent settings start -->
<sonar.jacoco.remotePort>${jacocoRemotePort}</sonar.jacoco.remotePort>
<sonar.jacoco.remoteAddress>${jacocoRemoteAddress}</sonar.jacoco.remoteAddress>
- <!-- jacoco remote agent settings end -->
- <!-- jacoco, sonar code coverage settings start -->
- <sonar.jacoco.codeCoveragePath>${maven.multiModuleProjectDirectory}/code-coverage</sonar.jacoco.codeCoveragePath>
- <sonar.jacoco.reportPath>${sonar.jacoco.codeCoveragePath}/jacoco-ut.exec</sonar.jacoco.reportPath>
- <sonar.maven.plugin.version>3.5.0.1254</sonar.maven.plugin.version>
<jacoco.maven.plugin.version>0.8.2</jacoco.maven.plugin.version>
-
- <!-- default value for deploy under Weblogic, etc -->
- <deployWarFolder>/home/edelivery/oracle/middleware/domains/bdmsl/autodeploy/</deployWarFolder>
+ <surefire.maven.plugin.version>2.22.1</surefire.maven.plugin.version>
+ <!-- latest version compatible with SonarQube 5.6 is: 3.3.0.603-->
+ <sonar.maven.plugin.version>3.5.0.1254</sonar.maven.plugin.version>
</properties>
<scm>
@@ -57,7 +104,6 @@
<tag>HEAD</tag>
</scm>
-
<pluginRepositories>
<pluginRepository>
<id>SmartBearPluginRepository</id>
@@ -69,6 +115,489 @@
</pluginRepository>
</pluginRepositories>
+ <repositories>
+ <repository>
+ <id>cefdigital-releases</id>
+ <url>https://ec.europa.eu/cefdigital/artifact/content/repositories/eDelivery/</url>
+ <releases>
+ <enabled>true</enabled>
+ </releases>
+ <snapshots>
+ <enabled>false</enabled>
+ </snapshots>
+ </repository>
+ <repository>
+ <id>cefdigital-snapshots</id>
+ <url>https://ec.europa.eu/cefdigital/artifact/content/repositories/eDelivery-snapshots/</url>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
+ </repository>
+ <repository>
+ <id>cefdigital-thirdparty</id>
+ <url>https://ec.europa.eu/cefdigital/artifact/content/repositories/eDelivery-third-party/</url>
+ </repository>
+ </repositories>
+
+
+ <!-- Default version numbers to use -->
+ <dependencyManagement>
+ <dependencies>
+ <dependency>
+ <groupId>eu.europa.ec.edelivery</groupId>
+ <artifactId>edelivery-springsecurity-2-way-ssl-auth</artifactId>
+ <version>${edelivery.ssl-auth.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>eu.europa.ec.bdmsl</groupId>
+ <artifactId>bdmsl-api</artifactId>
+ <version>${bdmsl.api.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-frontend-jaxws</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-transports-http</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-ws-security</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-security</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-features-logging</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <version>${httpclient.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>eu.europa.ec.cipa</groupId>
+ <artifactId>cipa-edelivery-common</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate.javax.persistence</groupId>
+ <artifactId>hibernate-jpa-2.1-api</artifactId>
+ <version>${hibernate-jpa.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-core</artifactId>
+ <version>${hibernate.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-entitymanager</artifactId>
+ <version>${hibernate.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-validator</artifactId>
+ <version>${hibernate.validator}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-envers</artifactId>
+ <version>${hibernate.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.h2database</groupId>
+ <artifactId>h2</artifactId>
+ <version>${h2.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ <version>${jaxb.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.xml.bind</groupId>
+ <artifactId>jaxb-impl</artifactId>
+ <version>${jaxb.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.xml.bind</groupId>
+ <artifactId>jaxb-core</artifactId>
+ <version>${jaxb.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-core</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-oxm</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-beans</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-tx</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-orm</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-context</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-context-support</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-webmvc</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-web</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-jdbc</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-core</artifactId>
+ <version>${spring.security.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-web</artifactId>
+ <version>${spring.security.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-config</artifactId>
+ <version>${spring.security.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-cas</artifactId>
+ <version>${spring.security.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-test</artifactId>
+ <version>${spring.security.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <version>${spring.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.annotation</groupId>
+ <artifactId>javax.annotation-api</artifactId>
+ <version>${javax.annotation.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.aspectj</groupId>
+ <artifactId>aspectjweaver</artifactId>
+ <version>${aspectj.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>ma.glasnost.orika</groupId>
+ <artifactId>orika-core</artifactId>
+ <version>${orika.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ <version>${guava.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ <version>${logback.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>${slf4j.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-ext</artifactId>
+ <version>${slf4j.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jvnet.jaxb2_commons</groupId>
+ <artifactId>jaxb2-basics</artifactId>
+ <version>${jaxb2-basics.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.cxf.xjc-utils</groupId>
+ <artifactId>cxf-xjc-runtime</artifactId>
+ <version>${cxf-xjc-runtime.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.mockito</groupId>
+ <artifactId>mockito-core</artifactId>
+ <version>${mockito.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>${junit.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <!-- Jackson-->
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ <version>${jackson.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-core</artifactId>
+ <version>${jackson.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-annotations</artifactId>
+ <version>${jackson.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.datatype</groupId>
+ <artifactId>jackson-datatype-jsr310</artifactId>
+ <version>${jackson.version}</version>
+ </dependency>
+ <!-- End Jackson-->
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-lang3</artifactId>
+ <version>${commons-lang3.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>javax</groupId>
+ <artifactId>javaee-api</artifactId>
+ <version>${javaee-api.version}</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>jstl</artifactId>
+ <version>${jstl.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>net.sf.ehcache</groupId>
+ <artifactId>ehcache</artifactId>
+ <version>${ehcache.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springmodules</groupId>
+ <artifactId>spring-modules-jakarta-commons</artifactId>
+ <version>${spring-modules-jakarta-commons.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcprov-jdk15on</artifactId>
+ <version>${bouncycastle.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpkix-jdk15on</artifactId>
+ <version>${bouncycastle.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>dnsjava</groupId>
+ <artifactId>dnsjava</artifactId>
+ <version>${dnsjava.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>ant</groupId>
+ <artifactId>ant-commons-net</artifactId>
+ <version>${ant-commons-net.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-net</groupId>
+ <artifactId>commons-net</artifactId>
+ <version>${commons-net.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-validator</groupId>
+ <artifactId>commons-validator</artifactId>
+ <version>${commons-validator.version}</version>
+ </dependency>
+ <!-- commons-collections and commons-beanutils are transient dependencies of
+ slf4j: 1.7.32 and commons-validator: 1.7
+ they were upgraded because of OWASP reported ISSUE. When upgrading SLF4J check if this is still needed
+ -->
+ <dependency>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ <version>${commons-collections.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-beanutils</groupId>
+ <artifactId>commons-beanutils</artifactId>
+ <version>${commons-beanutils.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ <version>${commons-io.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ <version>${servlet-api.version}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>pl.pragmatists</groupId>
+ <artifactId>JUnitParams</artifactId>
+ <version>${junitparams.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.xmlunit</groupId>
+ <artifactId>xmlunit-core</artifactId>
+ <version>${xmlunit.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.xmlunit</groupId>
+ <artifactId>xmlunit-matchers</artifactId>
+ <version>${xmlunit.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.hamcrest</groupId>
+ <artifactId>hamcrest-junit</artifactId>
+ <version>${hamcrest.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <!-- Test dependencies -->
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-data-jpa</artifactId>
+ <version>${spring.boot.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-test</artifactId>
+ <version>${spring.boot.version}</version>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+ <build>
+ <pluginManagement>
+ <plugins>
+ <plugin>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>${surefire.maven.plugin.version}</version>
+ </plugin>
+ <plugin>
+ <groupId>org.jacoco</groupId>
+ <artifactId>jacoco-maven-plugin</artifactId>
+ <version>${jacoco.maven.plugin.version}</version>
+ </plugin>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>sonar-maven-plugin</artifactId>
+ <version>${sonar.maven.plugin.version}</version>
+ </plugin>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>build-helper-maven-plugin</artifactId>
+ <version>${build.helper.maven.version}</version>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-codegen-plugin</artifactId>
+ <version>${cxf.version}</version>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.6</version>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-antrun-plugin</artifactId>
+ <version>1.8</version>
+ </plugin>
+ <plugin>
+ <groupId>com.smartbear.soapui</groupId>
+ <artifactId>soapui-pro-maven-plugin</artifactId>
+ <version>${soapui.plugin.version}</version>
+ </plugin>
+ <plugin>
+ <groupId>com.smartbear.soapui</groupId>
+ <artifactId>soapui-maven-plugin</artifactId>
+ <version>${soapui.plugin.version}</version>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>3.2</version>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-bundle-plugin</artifactId>
+ <version>3.0.0</version>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-jar-plugin</artifactId>
+ <version>2.6</version>
+ </plugin>
+ </plugins>
+ </pluginManagement>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>sonar-maven-plugin</artifactId>
+ <version>${sonar.maven.plugin.version}</version>
+ </plugin>
+ <plugin>
+ <artifactId>maven-release-plugin</artifactId>
+ <version>2.5.3</version>
+ <configuration>
+ <autoVersionSubmodules>true</autoVersionSubmodules>
+ </configuration>
+ </plugin>
+ </plugins>
+
+ </build>
<profiles>
<!-- soap ui -->
<profile>
@@ -265,20 +794,5 @@
</build>
</profile>
</profiles>
- <build>
- <plugins>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>sonar-maven-plugin</artifactId>
- <version>${sonar.maven.plugin.version}</version>
- </plugin>
- <plugin>
- <artifactId>maven-release-plugin</artifactId>
- <version>2.5.3</version>
- <configuration>
- <autoVersionSubmodules>true</autoVersionSubmodules>
- </configuration>
- </plugin>
- </plugins>
- </build>
+
</project>
diff --git a/smp-parent-pom/pom.xml b/smp-parent-pom/pom.xml
deleted file mode 100644
index aee3f39fbc36536a1fd3d527f775a368b18137e9..0000000000000000000000000000000000000000
--- a/smp-parent-pom/pom.xml
+++ /dev/null
@@ -1,742 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ~ Copyright 2017 European Commission | CEF eDelivery
- ~
- ~ Licensed under the EUPL, Version 1.2 or – as soon they will be approved by the European Commission - subsequent versions of the EUPL (the "Licence");
- ~ You may not use this work except in compliance with the Licence.
- ~
- ~ You may obtain a copy of the Licence attached in file: LICENCE-EUPL-v1.2.pdf
- ~
- ~ Unless required by applicable law or agreed to in writing, software distributed under the Licence is distributed on an "AS IS" basis,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the Licence for the specific language governing permissions and limitations under the Licence.
- -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <groupId>eu.europa.ec.edelivery</groupId>
- <artifactId>smp-parent-pom</artifactId>
- <version>4.2-SNAPSHOT</version>
- <packaging>pom</packaging>
- <name>smp-parent-pom</name>
- <description>SMP - CEF eDelivery</description>
-
- <!-- Used licenses -->
- <licenses>
- <license>
- <name>EUPL 1.2</name>
- <url>https://joinup.ec.europa.eu/software/page/eupl/licence-eupl</url>
- <distribution>repo</distribution>
- </license>
- </licenses>
-
- <!-- Where to deploy binaries -->
- <distributionManagement>
- <repository>
- <id>cefdigital-releases</id>
- <url>https://ec.europa.eu/cefdigital/artifact/content/repositories/eDelivery/</url>
- </repository>
- <snapshotRepository>
- <id>cefdigital-snapshots</id>
- <url>https://ec.europa.eu/cefdigital/artifact/content/repositories/eDelivery-snapshots/</url>
- </snapshotRepository>
- </distributionManagement>
-
- <!-- Properties for default plugins -->
- <properties>
- <!-- Only selected modules are deployed -->
- <maven.deploy.skip>true</maven.deploy.skip>
- <edelivery.ssl-auth.version>1.8</edelivery.ssl-auth.version>
-
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <slf4j.version>1.7.32</slf4j.version>
- <spring.version>5.3.15</spring.version>
- <spring.security.version>5.6.1</spring.security.version>
- <spring.boot.version>2.6.3</spring.boot.version>
- <bdmsl.api.version>4.1.0</bdmsl.api.version>
- <cxf.version>3.4.5</cxf.version>
- <cxf-xjc-runtime.version>3.2.0</cxf-xjc-runtime.version>
- <httpclient.version>4.5.13</httpclient.version>
- <build.helper.maven.version>1.9.1</build.helper.maven.version>
- <ehcache.version>2.10.6</ehcache.version>
- <spring-modules-jakarta-commons.version>0.8</spring-modules-jakarta-commons.version>
- <bouncycastle.version>1.69</bouncycastle.version>
- <dnsjava.version>2.1.7</dnsjava.version>
- <h2.version>1.4.187</h2.version>
- <jstl.version>1.2</jstl.version>
- <javaee-api.version>7.0</javaee-api.version>
- <commons-lang3.version>3.12.0</commons-lang3.version>
- <commons-validator.version>1.7</commons-validator.version>
- <commons-collections.version>3.2.2</commons-collections.version>
- <commons-beanutils.version>1.9.4</commons-beanutils.version>
- <junit.version>4.12</junit.version>
- <mockito.version>2.23.4</mockito.version>
- <guava.version>24.1.1-jre</guava.version>
- <orika.version>1.4.6</orika.version>
- <aspectj.version>1.8.6</aspectj.version>
- <jaxb.version>2.2.11</jaxb.version>
- <jaxb2-basics.version>1.11.1</jaxb2-basics.version>
- <javax.annotation.version>1.3.2</javax.annotation.version>
- <hibernate.version>5.5.7.Final</hibernate.version>
- <hibernate-jpa.version>1.0.2.Final</hibernate-jpa.version>
- <hibernate.validator.version>7.0.1.Final</hibernate.validator.version>
- <h2.version>1.4.187</h2.version>
- <soapui.plugin.version>5.1.2</soapui.plugin.version>
- <commons-net.version>1.4.1</commons-net.version>
- <ant-commons-net.version>1.6.5</ant-commons-net.version>
- <servlet-api.version>3.0.1</servlet-api.version>
- <metro.version>2.2.1-1</metro.version>
- <commons-io.version>2.4</commons-io.version>
- <junitparams.version>1.0.5</junitparams.version>
- <xmlunit.version>2.5.1</xmlunit.version>
- <hamcrest.version>2.0.0.0</hamcrest.version>
- <jackson.version>2.13.0</jackson.version>
- <logback.version>1.2.10</logback.version>
-
- <!-- jacoco, sonar code coverage settings start -->
- <sonar.java.coveragePlugin>jacoco</sonar.java.coveragePlugin>
- <sonar.jacoco.reportPath>${maven.multiModuleProjectDirectory}/code-coverage/jacoco-ut.exec
- </sonar.jacoco.reportPath>
- <sonar.jacoco.itReportPath>${maven.multiModuleProjectDirectory}/code-coverage/jacoco-it.exec
- </sonar.jacoco.itReportPath>
- <sonar.language>java</sonar.language>
-
-
- <jacoco.maven.plugin.version>0.8.2</jacoco.maven.plugin.version>
- <surefire.maven.plugin.version>2.22.1</surefire.maven.plugin.version>
- <!-- latest version compatible with SonarQube 5.6 is: 3.3.0.603-->
- <sonar.maven.plugin.version>3.5.0.1254</sonar.maven.plugin.version>
-
- </properties>
-
- <!-- Where are we looking for JARs? -->
- <pluginRepositories>
- <pluginRepository>
- <id>smartbear</id>
- <url>http://smartbearsoftware.com/repository/maven2</url>
- </pluginRepository>
- <pluginRepository>
- <id>webgate-digit-third-party</id>
- <url>https://webgate.ec.europa.eu/CITnet/nexus/content/repositories/thirdparty</url>
- </pluginRepository>
- <pluginRepository>
- <id>webgate-digit</id>
- <url>https://webgate.ec.europa.eu/CITnet/nexus/content/repositories/public</url>
- </pluginRepository>
- <pluginRepository>
- <id>webgate-digit-soapui</id>
- <url>https://webgate.ec.europa.eu/CITnet/nexus/content/repositories/soapui/</url>
- </pluginRepository>
- </pluginRepositories>
- <repositories>
- <repository>
- <id>cefdigital-releases</id>
- <url>https://ec.europa.eu/cefdigital/artifact/content/repositories/eDelivery/</url>
- <releases>
- <enabled>true</enabled>
- </releases>
- <snapshots>
- <enabled>false</enabled>
- </snapshots>
- </repository>
- <repository>
- <id>cefdigital-snapshots</id>
- <url>https://ec.europa.eu/cefdigital/artifact/content/repositories/eDelivery-snapshots/</url>
- <releases>
- <enabled>false</enabled>
- </releases>
- <snapshots>
- <enabled>true</enabled>
- </snapshots>
- </repository>
- <repository>
- <id>cefdigital-thirdparty</id>
- <url>https://ec.europa.eu/cefdigital/artifact/content/repositories/eDelivery-third-party/</url>
- </repository>
- <repository>
- <id>webgate-digit</id>
- <url>https://webgate.ec.europa.eu/CITnet/nexus/content/repositories/thirdparty</url>
- <releases>
- <enabled>true</enabled>
- </releases>
- <snapshots>
- <enabled>false</enabled>
- </snapshots>
- </repository>
- </repositories>
-
- <!-- Default version numbers to use -->
- <dependencyManagement>
- <dependencies>
- <dependency>
- <groupId>eu.europa.ec.edelivery</groupId>
- <artifactId>edelivery-springsecurity-2-way-ssl-auth</artifactId>
- <version>${edelivery.ssl-auth.version}</version>
- </dependency>
- <dependency>
- <groupId>eu.europa.ec.bdmsl</groupId>
- <artifactId>bdmsl-api</artifactId>
- <version>${bdmsl.api.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-rt-frontend-jaxws</artifactId>
- <version>${cxf.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-rt-transports-http</artifactId>
- <version>${cxf.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-rt-ws-security</artifactId>
- <version>${cxf.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-rt-security</artifactId>
- <version>${cxf.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-rt-features-logging</artifactId>
- <version>${cxf.version}</version>
- </dependency>
-
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpclient</artifactId>
- <version>${httpclient.version}</version>
- </dependency>
-
- <dependency>
- <groupId>eu.europa.ec.cipa</groupId>
- <artifactId>cipa-edelivery-common</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.hibernate.javax.persistence</groupId>
- <artifactId>hibernate-jpa-2.1-api</artifactId>
- <version>${hibernate-jpa.version}</version>
- </dependency>
- <dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-core</artifactId>
- <version>${hibernate.version}</version>
- </dependency>
- <dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-entitymanager</artifactId>
- <version>${hibernate.version}</version>
- </dependency>
- <dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-validator</artifactId>
- <version>${hibernate.validator}</version>
- </dependency>
- <dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-envers</artifactId>
- <version>${hibernate.version}</version>
- </dependency>
- <dependency>
- <groupId>com.h2database</groupId>
- <artifactId>h2</artifactId>
- <version>${h2.version}</version>
- </dependency>
- <dependency>
- <groupId>javax.xml.bind</groupId>
- <artifactId>jaxb-api</artifactId>
- <version>${jaxb.version}</version>
- </dependency>
- <dependency>
- <groupId>com.sun.xml.bind</groupId>
- <artifactId>jaxb-impl</artifactId>
- <version>${jaxb.version}</version>
- </dependency>
- <dependency>
- <groupId>com.sun.xml.bind</groupId>
- <artifactId>jaxb-core</artifactId>
- <version>${jaxb.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-core</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-oxm</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-beans</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-tx</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-orm</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-context</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-context-support</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-webmvc</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-web</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-jdbc</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-core</artifactId>
- <version>${spring.security.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-web</artifactId>
- <version>${spring.security.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-config</artifactId>
- <version>${spring.security.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-cas</artifactId>
- <version>${spring.security.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-test</artifactId>
- <version>${spring.security.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-test</artifactId>
- <version>${spring.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>javax.annotation</groupId>
- <artifactId>javax.annotation-api</artifactId>
- <version>${javax.annotation.version}</version>
- </dependency>
- <dependency>
- <groupId>org.aspectj</groupId>
- <artifactId>aspectjweaver</artifactId>
- <version>${aspectj.version}</version>
- </dependency>
- <dependency>
- <groupId>ma.glasnost.orika</groupId>
- <artifactId>orika-core</artifactId>
- <version>${orika.version}</version>
- </dependency>
- <dependency>
- <groupId>com.google.guava</groupId>
- <artifactId>guava</artifactId>
- <version>${guava.version}</version>
- </dependency>
- <dependency>
- <groupId>ch.qos.logback</groupId>
- <artifactId>logback-classic</artifactId>
- <version>${logback.version}</version>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- <version>${slf4j.version}</version>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-ext</artifactId>
- <version>${slf4j.version}</version>
- </dependency>
- <dependency>
- <groupId>org.jvnet.jaxb2_commons</groupId>
- <artifactId>jaxb2-basics</artifactId>
- <version>${jaxb2-basics.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.cxf.xjc-utils</groupId>
- <artifactId>cxf-xjc-runtime</artifactId>
- <version>${cxf-xjc-runtime.version}</version>
- </dependency>
- <dependency>
- <groupId>org.mockito</groupId>
- <artifactId>mockito-core</artifactId>
- <version>${mockito.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <version>${junit.version}</version>
- <scope>test</scope>
- </dependency>
- <!-- Jackson-->
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-databind</artifactId>
- <version>${jackson.version}</version>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-core</artifactId>
- <version>${jackson.version}</version>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-annotations</artifactId>
- <version>${jackson.version}</version>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.datatype</groupId>
- <artifactId>jackson-datatype-jsr310</artifactId>
- <version>${jackson.version}</version>
- </dependency>
- <!-- End Jackson-->
- <dependency>
- <groupId>org.apache.commons</groupId>
- <artifactId>commons-lang3</artifactId>
- <version>${commons-lang3.version}</version>
- </dependency>
- <dependency>
- <groupId>javax</groupId>
- <artifactId>javaee-api</artifactId>
- <version>${javaee-api.version}</version>
- <scope>compile</scope>
- </dependency>
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>jstl</artifactId>
- <version>${jstl.version}</version>
- </dependency>
- <dependency>
- <groupId>net.sf.ehcache</groupId>
- <artifactId>ehcache</artifactId>
- <version>${ehcache.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springmodules</groupId>
- <artifactId>spring-modules-jakarta-commons</artifactId>
- <version>${spring-modules-jakarta-commons.version}</version>
- </dependency>
- <dependency>
- <groupId>org.bouncycastle</groupId>
- <artifactId>bcprov-jdk15on</artifactId>
- <version>${bouncycastle.version}</version>
- </dependency>
- <dependency>
- <groupId>org.bouncycastle</groupId>
- <artifactId>bcpkix-jdk15on</artifactId>
- <version>${bouncycastle.version}</version>
- </dependency>
- <dependency>
- <groupId>dnsjava</groupId>
- <artifactId>dnsjava</artifactId>
- <version>${dnsjava.version}</version>
- </dependency>
-
- <dependency>
- <groupId>ant</groupId>
- <artifactId>ant-commons-net</artifactId>
- <version>${ant-commons-net.version}</version>
- </dependency>
- <dependency>
- <groupId>commons-net</groupId>
- <artifactId>commons-net</artifactId>
- <version>${commons-net.version}</version>
- </dependency>
- <dependency>
- <groupId>commons-validator</groupId>
- <artifactId>commons-validator</artifactId>
- <version>${commons-validator.version}</version>
- </dependency>
- <!-- commons-collections and commons-beanutils are transient dependencies of
- slf4j: 1.7.32 and commons-validator: 1.7
- they were upgraded because of OWASP reported ISSUE. When upgrading SLF4J check if this is still needed
- -->
- <dependency>
- <groupId>commons-collections</groupId>
- <artifactId>commons-collections</artifactId>
- <version>${commons-collections.version}</version>
- </dependency>
- <dependency>
- <groupId>commons-beanutils</groupId>
- <artifactId>commons-beanutils</artifactId>
- <version>${commons-beanutils.version}</version>
- </dependency>
- <dependency>
- <groupId>commons-io</groupId>
- <artifactId>commons-io</artifactId>
- <version>${commons-io.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>javax.servlet-api</artifactId>
- <version>${servlet-api.version}</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>pl.pragmatists</groupId>
- <artifactId>JUnitParams</artifactId>
- <version>${junitparams.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.xmlunit</groupId>
- <artifactId>xmlunit-core</artifactId>
- <version>${xmlunit.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.xmlunit</groupId>
- <artifactId>xmlunit-matchers</artifactId>
- <version>${xmlunit.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.hamcrest</groupId>
- <artifactId>hamcrest-junit</artifactId>
- <version>${hamcrest.version}</version>
- <scope>test</scope>
- </dependency>
- <!-- Test dependencies -->
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-data-jpa</artifactId>
- <version>${spring.boot.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-test</artifactId>
- <version>${spring.boot.version}</version>
- </dependency>
- </dependencies>
- </dependencyManagement>
-
- <!-- Dependencies automatically included -->
- <dependencies>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <version>${junit.version}</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
-
- <!-- Build plugins -->
- <build>
- <pluginManagement>
- <plugins>
- <plugin>
- <artifactId>maven-surefire-plugin</artifactId>
- <version>${surefire.maven.plugin.version}</version>
- </plugin>
- <plugin>
- <groupId>org.jacoco</groupId>
- <artifactId>jacoco-maven-plugin</artifactId>
- <version>${jacoco.maven.plugin.version}</version>
- </plugin>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>sonar-maven-plugin</artifactId>
- <version>${sonar.maven.plugin.version}</version>
- </plugin>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>build-helper-maven-plugin</artifactId>
- <version>${build.helper.maven.version}</version>
- </plugin>
- <plugin>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-codegen-plugin</artifactId>
- <version>${cxf.version}</version>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-war-plugin</artifactId>
- <version>2.6</version>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-antrun-plugin</artifactId>
- <version>1.8</version>
- </plugin>
- <plugin>
- <groupId>com.smartbear.soapui</groupId>
- <artifactId>soapui-pro-maven-plugin</artifactId>
- <version>${soapui.plugin.version}</version>
- </plugin>
- <plugin>
- <groupId>com.smartbear.soapui</groupId>
- <artifactId>soapui-maven-plugin</artifactId>
- <version>${soapui.plugin.version}</version>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- <version>3.2</version>
- </plugin>
- <plugin>
- <groupId>org.apache.felix</groupId>
- <artifactId>maven-bundle-plugin</artifactId>
- <version>3.0.0</version>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jar-plugin</artifactId>
- <version>2.6</version>
- </plugin>
- </plugins>
- </pluginManagement>
-
- <plugins>
- <!-- Compile as Java 1.8 code (lifecycle: compile) -->
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- <configuration>
- <!-- fork needs to be false to compile JAXB resources. Otherwise the
- problem with the forward slash in package-info.java on Windows occurs! -->
- <fork>false</fork>
- <source>1.8</source>
- <target>1.8</target>
- <showWarnings>true</showWarnings>
- <maxmem>768m</maxmem>
- <compilerArguments>
- <encoding>${project.build.sourceEncoding}</encoding>
- </compilerArguments>
- </configuration>
- </plugin>
-
- <!-- unit tests, surefire plugin -->
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <reportsDirectory>${maven.multiModuleProjectDirectory}/code-coverage/surefire-reports
- </reportsDirectory>
- </configuration>
- <executions>
- <execution>
- <id>default-test</id>
- <configuration>
- <argLine>-server -ea -Duser.language=en -Xms512m -Xmx1024m ${surefire.argline}
- </argLine>
- <includes>
- <include>**/*Test.java</include>
- </includes>
- <excludes>
- <exclude>**/*IntegrationTest.java</exclude>
- </excludes>
- </configuration>
- </execution>
- </executions>
- </plugin>
-
- <!-- integration tests, failsafe plugin -->
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-failsafe-plugin</artifactId>
- <version>2.19.1</version>
- <configuration>
- <reportsDirectory>${maven.multiModuleProjectDirectory}/code-coverage/failsafe-reports
- </reportsDirectory>
- </configuration>
- <executions>
- <execution>
- <id>integration-tests</id>
- <phase>integration-test</phase>
- <goals>
- <goal>integration-test</goal>
- <goal>verify</goal>
- </goals>
- <configuration>
- <!-- Sets the VM argument line used when integration tests are run. -->
- <argLine>-server -ea -Xms512m -Xmx1024m -Duser.language=en ${failsafe.argline}
- </argLine>
-
- <includes>
- <include>**/*IntegrationTest.java</include>
- </includes>
- <!-- Skips integration tests if the value of skipITs property is true-->
- <skipTests>${skipITs}</skipTests>
-
- </configuration>
- </execution>
- </executions>
- <dependencies>
- <dependency>
- <groupId>org.apache.maven.surefire</groupId>
- <artifactId>surefire-junit47</artifactId>
- <version>2.19.1</version>
- </dependency>
- </dependencies>
- </plugin>
-
- <!-- jacoco start -->
- <plugin>
- <groupId>org.jacoco</groupId>
- <artifactId>jacoco-maven-plugin</artifactId>
- <version>${jacoco.maven.plugin.version}</version>
- <executions>
- <execution>
- <id>pre-unit-test</id>
- <goals>
- <goal>prepare-agent</goal>
- </goals>
- <configuration>
- <destFile>${sonar.jacoco.reportPath}</destFile>
- <propertyName>surefire.argline</propertyName>
- <append>true</append>
- </configuration>
- </execution>
-
- <execution>
- <id>pre-integration-test</id>
- <phase>pre-integration-test</phase>
- <goals>
- <goal>prepare-agent-integration</goal>
- </goals>
- <configuration>
- <!-- Sets the path to the file which contains the execution data. -->
- <destFile>${sonar.jacoco.itReportPath}</destFile>
- <propertyName>failsafe.argline</propertyName>
- <append>true</append>
- </configuration>
- </execution>
- </executions>
- </plugin>
- <!-- jacoco end -->
- </plugins>
- </build>
-</project>
diff --git a/smp-parent-pom/settings.xml b/smp-parent-pom/settings.xml
deleted file mode 100644
index fe17e7035b28493aabb207e21c6fffb4c1379165..0000000000000000000000000000000000000000
--- a/smp-parent-pom/settings.xml
+++ /dev/null
@@ -1,100 +0,0 @@
-<!--
- ~ Copyright 2017 European Commission | CEF eDelivery
- ~
- ~ Licensed under the EUPL, Version 1.2 or – as soon they will be approved by the European Commission - subsequent versions of the EUPL (the "Licence");
- ~ You may not use this work except in compliance with the Licence.
- ~
- ~ You may obtain a copy of the Licence attached in file: LICENCE-EUPL-v1.2.pdf
- ~
- ~ Unless required by applicable law or agreed to in writing, software distributed under the Licence is distributed on an "AS IS" basis,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the Licence for the specific language governing permissions and limitations under the Licence.
- -->
-
-<settings>
- <proxies>
- <proxy>
- <id>httpProxy</id>
- <active>true</active>
- <protocol>http</protocol>
- <host>158.169.9.13</host>
- <port>8012</port>
- <username>j50b107</username>
- <password>{AP1hP8sE97kHFzAatQGzaaiQPGFrOMDFUZFfG3xTxOs=}</password>
- </proxy>
- <proxy>
- <id>httpsProxy</id>
- <active>true</active>
- <protocol>https</protocol>
- <host>158.169.9.13</host>
- <port>8012</port>
- <username>j50b107</username>
- <password>{AP1hP8sE97kHFzAatQGzaaiQPGFrOMDFUZFfG3xTxOs=}</password>
- </proxy>
- </proxies>
- <mirrors>
- <mirror>
- <id>internal-repository</id>
- <name>Maven Repository Manager running on repo.mycompany.com</name>
- <url>https://joinup.ec.europa.eu/nexus/content/groups/public</url>
- <mirrorOf>open-saml</mirrorOf>
- </mirror>
- </mirrors>
- <servers>
- <server>
- <id>edelivery-snapshots</id>
- <username>gutowpa</username>
- <password>{2y/aQkOSNGYHhuusKhaDwLP/lm5YFzlJwyjUWXFDh74=}</password>
- </server>
- <server>
- <id>edelivery-releases</id>
- <username>gutowpa</username>
- <password>{2y/aQkOSNGYHhuusKhaDwLP/lm5YFzlJwyjUWXFDh74=}</password>
- </server>
- <server>
- <id>cefdigital-snapshots</id>
- <username>j50b107</username>
- <password>{AP1hP8sE97kHFzAatQGzaaiQPGFrOMDFUZFfG3xTxOs=}</password>
- </server>
- <server>
- <id>cefdigital-releases</id>
- <username>j50b107</username>
- <password>{AP1hP8sE97kHFzAatQGzaaiQPGFrOMDFUZFfG3xTxOs=}</password>
- </server>
- <server>
- <id>cefdigital-thirdparty</id>
- <username>gutowpa</username>
- <password>{2y/aQkOSNGYHhuusKhaDwLP/lm5YFzlJwyjUWXFDh74=}</password>
- </server>
- <server>
- <id>webgate-digit</id>
- <username>j50b107</username>
- <password>{AP1hP8sE97kHFzAatQGzaaiQPGFrOMDFUZFfG3xTxOs=}</password>
- </server>
- <server>
- <id>webgate-digit-third-party</id>
- <username>j50b107</username>
- <password>{AP1hP8sE97kHFzAatQGzaaiQPGFrOMDFUZFfG3xTxOs=}</password>
- </server>
- <server>
- <id>webgate-digit-soapui</id>
- <username>j50b107</username>
- <password>{AP1hP8sE97kHFzAatQGzaaiQPGFrOMDFUZFfG3xTxOs=}</password>
- </server>
- <server>
- <id>joinup-releases</id>
- <username>j50b107</username>
- <password>{AP1hP8sE97kHFzAatQGzaaiQPGFrOMDFUZFfG3xTxOs=}</password>
- </server>
- <server>
- <id>joinup-snapshots</id>
- <username>j50b107</username>
- <password>{AP1hP8sE97kHFzAatQGzaaiQPGFrOMDFUZFfG3xTxOs=}</password>
- </server>
- <server>
- <id>joinup-3rdparty</id>
- <username>j50b107</username>
- <password>{AP1hP8sE97kHFzAatQGzaaiQPGFrOMDFUZFfG3xTxOs=}</password>
- </server>
- </servers>
-</settings>
\ No newline at end of file
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/enums/SMPPropertyEnum.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/enums/SMPPropertyEnum.java
index 86cbd2e63aa34f9285708cf7741f7bde98b0bf85..186d62e210db71ee4ac333f7c7bb5e86662c634a 100644
--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/enums/SMPPropertyEnum.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/data/ui/enums/SMPPropertyEnum.java
@@ -12,6 +12,7 @@ public enum SMPPropertyEnum {
OUTPUT_CONTEXT_PATH ("contextPath.output","true","This property controls pattern of URLs produced by SMP in GET ServiceGroup responses." , true, false,true, SMPPropertyTypeEnum.BOOLEAN),
HTTP_FORWARDED_HEADERS_ENABLED ("smp.http.forwarded.headers.enabled","false","Use (value true) or remove (value false) forwarded headers! There are security considerations for forwarded headers since an application cannot know if the headers were added by a proxy, as intended, or by a malicious client." , false, false,false, SMPPropertyTypeEnum.BOOLEAN),
+ HTTP_HSTS_MAX_AGE("smp.http.httpStrictTransportSecurity.maxAge","31536000","How long(in seconds) HSTS should last in the browser's cache(default one year)", false, false,true, SMPPropertyTypeEnum.INTEGER),
HTTP_PROXY_HOST("smp.proxy.host", "", "The http proxy host", false,false,false, SMPPropertyTypeEnum.STRING),
HTTP_NO_PROXY_HOSTS("smp.noproxy.hosts", "localhost|127.0.0.1", "list of nor proxy hosts. Ex.: localhost|127.0.0.1", false,false,false, SMPPropertyTypeEnum.STRING),
@@ -60,7 +61,7 @@ public enum SMPPropertyEnum {
UI_COOKIE_SESSION_SECURE("smp.ui.session.secure","false","Cookie is only sent to the server when a request is made with the https: scheme (except on localhost), and therefore is more resistant to man-in-the-middle attacks.", false, false,false, SMPPropertyTypeEnum.BOOLEAN),
UI_COOKIE_SESSION_MAX_AGE("smp.ui.session.max-age","","Number of seconds until the cookie expires. A zero or negative number will expire the cookie immediately. Empty value will not set parameter", false, false,false, SMPPropertyTypeEnum.INTEGER),
UI_COOKIE_SESSION_SITE("smp.ui.session.strict","Lax","Controls whether a cookie is sent with cross-origin requests, providing some protection against cross-site request forgery attacks. Possible values are: Strict, None, Lax. (Cookies with SameSite=None require a secure context/HTTPS)!!)", false, false,false, SMPPropertyTypeEnum.STRING),
- UI_COOKIE_SESSION_PATH("smp.ui.session.path","","A path that must exist in the requested URL, or the browser won't send the Cookie header. Null/Empty value sets the authentication requests context by default. The forward slash (/) character is interpreted as a directory separator, and subdirectories will be matched as well: for Path=/docs, /docs, /docs/Web/, and /docs/Web/HTTP will all match", false, false,false, SMPPropertyTypeEnum.STRING),
+ UI_COOKIE_SESSION_PATH("smp.ui.session.path","","A path that must exist in the requested URL, or the browser won't send the Cookie header. Null/Empty value sets the authentication requests context by default. The forward slash (/) character is interpreted as a directory separator, and subdirectories will be matched as well: for Path=/docs, /docs, /docs/Web/, and /docs/Web/HTTP will all match", false, false,false, SMPPropertyTypeEnum.STRING),
UI_COOKIE_SESSION_IDLE_TIMEOUT_ADMIN("smp.ui.session.idle_timeout.admin","300","Specifies the time, in seconds, between client requests before the SMP will invalidate session for ADMIN users (System)!", false, false,false, SMPPropertyTypeEnum.INTEGER),
UI_COOKIE_SESSION_IDLE_TIMEOUT_USER("smp.ui.session.idle_timeout.user","1800","Specifies the time, in seconds, between client requests before the SMP will invalidate session for users (Service group, SMP Admin)", false, false,false, SMPPropertyTypeEnum.INTEGER),
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ConfigurationService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ConfigurationService.java
index 1cb601ee467bf537af2025b31941aa67e2a079b5..05393baa26543fa703381e1fe4a26f997a8dabff 100644
--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ConfigurationService.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ConfigurationService.java
@@ -69,6 +69,10 @@ public class ConfigurationService {
return configurationDAO.getCachedProperty(PARTC_SCH_REGEXP_MSG);
}
+ public Integer getHttpHeaderHstsMaxAge() {
+ return (Integer) configurationDAO.getCachedPropertyValue(HTTP_HSTS_MAX_AGE);
+ }
+
public String getHttpProxyHost() {
return configurationDAO.getCachedProperty(HTTP_PROXY_HOST);
}
@@ -220,6 +224,7 @@ public class ConfigurationService {
public Map<String, String> getCasTokenValidationParams() {
return (Map<String, String>) configurationDAO.getCachedPropertyValue(SSO_CAS_TOKEN_VALIDATION_PARAMS);
}
+
public List<String> getCasURLTokenValidationGroups() {
return (List<String>) configurationDAO.getCachedPropertyValue(SSO_CAS_TOKEN_VALIDATION_GROUPS);
}
diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SmpWebAppConfig.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SmpWebAppConfig.java
index 7641e5a6c0e25712c4f468191fcf91a7db025d29..adcc3c15ac2b8d7f463b6bd02be2836f267c376f 100644
--- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SmpWebAppConfig.java
+++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SmpWebAppConfig.java
@@ -52,7 +52,7 @@ public class SmpWebAppConfig implements WebMvcConfigurer {
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.setOrder(HIGHEST_PRECEDENCE)
- .addResourceHandler("/index.html", "/favicon-16x16.png").addResourceLocations("/static_resources/");
+ .addResourceHandler("/index.html", "/favicon.png", "/favicon.ico").addResourceLocations("/html/");
registry.setOrder(HIGHEST_PRECEDENCE - 2)
.addResourceHandler("/ui/rest/").addResourceLocations("/"); // ui rest resources
diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SpringSecurityConfig.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SpringSecurityConfig.java
index 7b1183e9d5dfef04ee5549c1284aecd9f7da8355..41d56537e86b85adf011fdc2dd1683739b61d15e 100644
--- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SpringSecurityConfig.java
+++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/SpringSecurityConfig.java
@@ -50,6 +50,7 @@ import org.springframework.security.web.firewall.DefaultHttpFirewall;
import org.springframework.security.web.firewall.HttpFirewall;
import org.springframework.security.web.session.HttpSessionEventPublisher;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.security.web.util.matcher.AnyRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.web.server.adapter.ForwardedHeaderTransformer;
@@ -128,7 +129,7 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
ExceptionHandlingConfigurer<HttpSecurity> exceptionHandlingConfigurer = httpSecurity.exceptionHandling();
if (configurationService.isCasEnabled()) {
- LOG.info("REGISTER casAuthenticationEntryPoint: [{}]", casAuthenticationEntryPoint);
+ LOG.debug("The CAS authentication is enabled. Set casAuthenticationEntryPoint!");
exceptionHandlingConfigurer = exceptionHandlingConfigurer.defaultAuthenticationEntryPointFor(casAuthenticationEntryPoint, new AntPathRequestMatcher(SMP_SECURITY_PATH_CAS_AUTHENTICATE));
}
exceptionHandlingConfigurer.authenticationEntryPoint(new SpringSecurityExceptionHandler());
@@ -142,8 +143,30 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
.and();
if (configurationService.isCasEnabled()) {
+ LOG.debug("The CAS authentication is enabled. Add CAS filter!");
httpSecurity = httpSecurity.addFilter(casAuthenticationFilter);
}
+ // set HstsMAxAge
+ Integer maxAge = configurationService.getHttpHeaderHstsMaxAge();
+ if (maxAge == null || maxAge < 0){
+ LOG.info("The httpStrictTransportSecurity (HSTS) policy is set for HTTPS/1Y!" );
+ httpSecurity = httpSecurity.headers()
+ .httpStrictTransportSecurity()
+ .includeSubDomains(true)
+ .preload(false)
+ .maxAgeInSeconds(31536000).and().and();
+ }else if ( maxAge == 0){
+ LOG.warn("The httpStrictTransportSecurity (HSTS) policy is disabled!" );
+ httpSecurity = httpSecurity.headers().httpStrictTransportSecurity().disable().and();
+ } else {
+ LOG.info("The httpStrictTransportSecurity (HSTS) policy is set to [{}] for http and https!",maxAge );
+ httpSecurity = httpSecurity.headers()
+ .httpStrictTransportSecurity()
+ .includeSubDomains(true)
+ .preload(false)
+ .maxAgeInSeconds(maxAge)
+ .requestMatcher(AnyRequestMatcher.INSTANCE).and().and();
+ }
httpSecurity.addFilter(blueCoatAuthenticationFilter)
.addFilter(x509AuthenticationFilter)
diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/RootController.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/RootController.java
index d51f36339ecfb808a8977b0dcf2c1d86be42584d..576b07c14e4f7cbd8221e2893149d1da74c8b71e 100644
--- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/RootController.java
+++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/RootController.java
@@ -25,6 +25,7 @@ import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import static org.springframework.core.Ordered.HIGHEST_PRECEDENCE;
@@ -48,20 +49,26 @@ public class RootController {
return new ModelAndView("redirect:/index.html", model);
}
- @GetMapping( produces = {MediaType.TEXT_HTML_VALUE, MediaType.IMAGE_PNG_VALUE},
- value={ "/index.html", "/favicon-16x16.png"})
+ @GetMapping( produces = {MediaType.TEXT_HTML_VALUE,
+ MediaType.IMAGE_PNG_VALUE,
+ "image/ico","image/x-ico"
+},
+ value={ "/index.html","/favicon.png","/favicon.ico"})
@Order(HIGHEST_PRECEDENCE)
- public byte[] getServiceGroup(HttpServletRequest httpReq) throws IOException {
+ public byte[] getServiceGroup(HttpServletRequest httpReq, HttpServletResponse httpRes) throws IOException {
String host = httpReq.getRemoteHost();
LOG.businessInfo(SMPMessageCode.BUS_HTTP_GET_END_STATIC_CONTENT,host,httpReq.getPathInfo());
- String value = httpReq.getServletPath();
- if(value!=null && value.endsWith("favicon-16x16.png")){
- return IOUtils.readBytesFromStream(RootController.class.getResourceAsStream("/html/favicon-16x16.png"));
- }else {
+ String value = httpReq.getPathInfo();
+ if(value!=null && value.endsWith("favicon.png")){
+ httpRes.setContentType("image/x-ico");
+ return IOUtils.readBytesFromStream(RootController.class.getResourceAsStream("/html/favicon.png"));
+ }else if(value!=null && value.endsWith("favicon.ico")){
+ httpRes.setContentType(MediaType.IMAGE_PNG_VALUE);
+ return IOUtils.readBytesFromStream(RootController.class.getResourceAsStream("/html/favicon.ico"));
+ } else {
return IOUtils.readBytesFromStream(RootController.class.getResourceAsStream("/html/index.html"));
}
}
-
/**
* redirect angular pages to index.html
* solve the 404 error on refresh
diff --git a/smp-webapp/src/main/resources/html/favicon-16x16.png b/smp-webapp/src/main/resources/html/favicon-16x16.png
deleted file mode 100644
index 3d21e2c812117e7de63d45621f8991391acfe9fc..0000000000000000000000000000000000000000
Binary files a/smp-webapp/src/main/resources/html/favicon-16x16.png and /dev/null differ
diff --git a/smp-webapp/src/main/resources/html/favicon.ico b/smp-webapp/src/main/resources/html/favicon.ico
new file mode 100644
index 0000000000000000000000000000000000000000..650f74d68e1ad93bcf0497cd27b2c3af43c6338d
Binary files /dev/null and b/smp-webapp/src/main/resources/html/favicon.ico differ
diff --git a/smp-webapp/src/main/resources/html/favicon.png b/smp-webapp/src/main/resources/html/favicon.png
new file mode 100644
index 0000000000000000000000000000000000000000..0afb5fecb8f14c4619d1734b2df25809281e1e9f
Binary files /dev/null and b/smp-webapp/src/main/resources/html/favicon.png differ
diff --git a/smp-webapp/src/main/resources/html/index.html b/smp-webapp/src/main/resources/html/index.html
index 1c50bf0ec960970ce0db2f2b85f1b65f27a1bd64..f6dd59ac8818f79dc744b01c2997becf53926e51 100644
--- a/smp-webapp/src/main/resources/html/index.html
+++ b/smp-webapp/src/main/resources/html/index.html
@@ -1,5 +1,5 @@
<!--
- ~ Copyright 2017 European Commission | CEF eDelivery
+ ~ Copyright 2017-2022 European Commission | CEF eDelivery
~
~ Licensed under the EUPL, Version 1.2 or – as soon they will be approved by the European Commission - subsequent versions of the EUPL (the "Licence");
~ You may not use this work except in compliance with the Licence.
@@ -14,9 +14,8 @@
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <meta http-equiv="X-UA-Compatible" content="IE=edge" />
<title>SMP</title>
- <link rel="icon" type="image/x-icon" href="/favicon.ico">
+ <link rel="icon" type="image/x-ico" href="favicon.ico">
<style type="text/css">
body { font-family: Arial, Helvetica, sans-serif; }
a, a:link, a:visited, a:hover, a:active { color: blue; }