Merge branch 'development' into performanceImprovements

# Conflicts: # smp-ui-tests/src/main/java/pages/domain/DomainPopup.java # smp-ui-tests/src/test/java/ui/DomainPgTest.java # smp-ui-tests/src/test/java/ui/EditPgTest.java

Merge branch 'development' into performanceImprovements
# Conflicts: # smp-ui-tests/src/main/java/pages/domain/DomainPopup.java # smp-ui-tests/src/test/java/ui/DomainPgTest.java # smp-ui-tests/src/test/java/ui/EditPgTest.java
6865c949 · Catalin Comanici · 71df7dd5 · 13b8a9f9 · 6865c949 · 6865c949
Commit 6865c949 authored 2 years ago by Catalin Comanici
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
+# This file is a template, and might need editing before it works on your project.
+# This is a sample GitLab CI/CD configuration file that should run without any modifications.
+# It demonstrates a basic 3 stage CI/CD pipeline. Instead of real tests or scripts,
+# it uses echo commands to simulate the pipeline execution.
+#
+# A pipeline is composed of independent jobs that run scripts, grouped into stages.
+# Stages run in sequential order, but jobs within stages run in parallel.
+#
+# For more information, see: https://docs.gitlab.com/ee/ci/yaml/index.html#stages
+#
+# You can copy and paste this template into a new `.gitlab-ci.yml` file.
+# You should not add this template to an existing `.gitlab-ci.yml` file by using the `include:` keyword.
+#
+# To contribute improvements to CI/CD templates, please follow the Development guide at:
+# https://docs.gitlab.com/ee/development/cicd/templates.html
+# This specific template is located at:
+# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Getting-Started.gitlab-ci.yml
+stages:          # List of stages for jobs, and their order of execution
+  - build-maven
+  - security-scanning
+  - build-docker
+  - test-backend
+  - test-ui
+  - visualization
+include:
+  #- 'gitlab-ci/code-quality/code-quality.gitlab-ci.yml'
+  - template: Code-Quality.gitlab-ci.yml
+  - template: Jobs/SAST.gitlab-ci.yml
+  - template: Jobs/Dependency-Scanning.gitlab-ci.yml
+  - template: Jobs/Secret-Detection.gitlab-ci.yml
+  - template: Jobs/License-Scanning.gitlab-ci.yml
+# disable the spotbugs and use sempgrep.
+variables:
+  DS_INCLUDE_DEV_DEPENDENCIES: "false"
+  SAST_EXCLUDED_ANALYZERS: bandit,gosec,eslint,spotbugs
+  DS_JAVA_VERSION: 8
+code_quality:
+  stage: build-maven
+  services:            # Shut off Docker-in-Docker
+  tags:
+    - cq-sans-dind     # Set this job to only run on our new specialized runner
+  artifacts:
+    paths: [gl-code-quality-report.json]
+sast:
+  stage: security-scanning
+  needs: ["build-maven-job"]
+  tags:
+    - cq-sans-dind     # Set this job to only run on our new specialized runner
+dependency_scanning:
+  stage: security-scanning
+  needs: ["build-maven-job"]
+  tags:
+    - cq-sans-dind     # Set this job to only run on our new specialized runner
+.secret-analyzer:
+  stage: security-scanning
+  needs: ["build-maven-job"]
+  tags:
+    - cq-sans-dind     # Set this job to only run on our new specialized runner
+license_scanning:
+  stage: security-scanning
+  needs: ["build-maven-job"]
+  tags:
+    - cq-sans-dind
+# This job executes the maven build artefacts .
+build-maven-job:
+  stage: build-maven
+  script:
+    - echo "Compiling the code..."
+    - mvn clean verify
+    - echo "Compile complete."
+  after_script:
+    - cat smp-aggregator/target/site/jacoco-aggregate/index.html | grep -o '<tfoot>.*</tfoot>'
+  artifacts:
+    when: always
+    expire_in: 1 week
+    paths:
+      - "target/site"
+      - "*/target/site"
+    reports:
+      junit:
+        - "*/target/surefire-reports/TEST-*.xml"
+        #        - "*/target/failsafe-reports/TEST-*.xml"
+code-coverage-visualization:
+  # Must be in a stage later than build-maven-job's stage.
+  stage: visualization
+  image: registry.gitlab.com/haynes/jacoco2cobertura:1.0.7
+  tags:
+    - cq-sans-dind     # Set this job to only run on our new specialized runner
+  script:
+    # convert report from jacoco to cobertura, using relative project path
+    # find all modules containing java source files.
+    - mkdir -p target/site/
+    - jacoco_paths=`find * -path "**/src/main/java" -type d | sed -e 's@^@'"$CI_PROJECT_DIR"'/@'`
+    - echo "jacocopaths -> $jacoco_paths"
+    - python /opt/cover2cover.py smp-aggregator/target/site/jacoco-aggregate/index.html $jacoco_paths > target/site/cobertura.xml
+  needs: ["build-maven-job"]
+  dependencies:
+    - build-maven-job
+  artifacts:
+    when: always
+    expire_in: 1 week
+    paths:
+      - "target/site"
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: target/site/cobertura.xml
+# This job executed docker image build (and pushes them to repo)
+build-docker-job:
+  stage: build-docker
+  needs: ["build-maven-job"]
+  variables:
+    GIT_CLEAN_FLAGS: none # do not clean artefacts from build-maven-job
+  script:
+    - echo "build  maven artefacts Or import them from first step"
+    - mvn clean verify -DskipTests=true -DskipITs=true
+    - echo "build docker images..."
+    - ./smp-docker/images/build-docker-images.sh -o /datadrive/repo -c true
+    - echo "docker images build complete."
+# backend tests on tomcat/mysql with sml integration
+test-soapui-tomcat-mysql-sml-job:
+  stage: test-backend
+  needs: ["build-docker-job"]
+  script:
+    - echo "startup containers test-soapui-tomcat-mysql-sml"
+    - ./smp-docker/compose/tomcat-mysql-smp-sml/runCompose.sh -i ../../../smp-soapui-tests/groovy/mysql-4.1_integration_test_data.sql -v 5.0-SNAPSHOT
+    - echo "execute tests"
+    - cd smp-soapui-tests
+    - mvn clean verify  -Prun-soapui  -Durl=http://localhost:8982/smp/ -DjacocoRemoteAddress=localhost -DjacocoRemotePort=6902
+    - ../smp-docker/compose/tomcat-mysql-smp-sml/stopClearCompose.sh
+  artifacts:
+    when: always
+    expire_in: 1 week
+    name: "tomcat-mysql-soapui-report"
+    paths:
+      - "*/target/soapui-reports"
+      - "*/target/soapui"
+    reports:
+      junit:
+        - "*/target/soapui-reports/TEST-*.xml"
+# backend tests on tomcat/mysql with sml integration
+test-soapui-weblogic-oracle-job:
+  stage: test-backend
+  needs: ["build-docker-job"]
+  script:
+    - echo "startup containers test-soapui-weblogi-oracle"
+    - ./smp-docker/compose/weblogic-oracle/runCompose.sh -i ../../../smp-soapui-tests/groovy/oracle-4.1_integration_test_data.sql -v 5.0-SNAPSHOT
+    - echo "execute tests"
+    - cd smp-soapui-tests
+    - mvn clean verify -Prun-soapui  -Durl=http://localhost:7901/smp/
+    - ../smp-docker/compose/weblogic-oracle/stopClearCompose.sh
+  artifacts:
+    when: always
+    expire_in: 1 week
+    reports:
+      junit:
+        - "*/target/soapui-reports/TEST-*.xml"
+test-ui-tomcat-mysql-sml-job:
+  stage: test-ui  # It only runs when *both* test jobs in the test stage complete successfully.
+  allow_failure: true
+  needs: ["test-soapui-tomcat-mysql-sml-job"]
+  script:
+    - echo "Deploying application..."
+    - ./smp-docker/compose/tomcat-mysql-smp-sml/runCompose.sh -i ../../../smp-soapui-tests/groovy/mysql-4.1_integration_test_data.sql -v 5.0-SNAPSHOT
+    - cd smp-ui-tests
+    - /usr/bin/xvfb-run -e /tmp/xvfb-error.log --server-args="-screen 0 1920x1080x24" mvn test -Pubuntu -Durl=http://localhost:8982/smp/  -Dchrome.driver.path=/home/edelivery/drivers/chromedriver
+  artifacts:
+    when: always
+    expire_in: 1 week
+    name: "ui-report"
+    paths:
+      - "*/testng-results.xml"
--- a/pom.xml
+++ b/pom.xml
@@ -28,6 +28,7 @@
        <module>smp-webapp</module>
        <module>smp-soapui-tests</module>
        <module>smp-examples</module>
+        <module>smp-aggregator</module>
    </modules>
    <properties>
@@ -76,7 +77,7 @@
        <slf4j.version>1.7.36</slf4j.version>
        <soapui.plugin.version>5.1.2</soapui.plugin.version>
        <spring-modules-jakarta-commons.version>0.8</spring-modules-jakarta-commons.version>
-        <spring.boot.version>2.7.0</spring.boot.version>
+        <spring.boot.version>2.7.4</spring.boot.version>
        <spring.security.version>5.7.2</spring.security.version>
        <spring.version>5.3.21</spring.version>
        <xmlunit.version>2.9.0</xmlunit.version>
@@ -659,7 +660,7 @@
                    </execution>
                    <execution>
                        <id>report</id>
-                        <phase>verify</phase>
+                        <phase>package</phase>
                        <goals>
                            <goal>report</goal>
                        </goals>
@@ -692,7 +693,7 @@
                    <plugin>
                        <groupId>org.owasp</groupId>
                        <artifactId>dependency-check-maven</artifactId>
-                        <version>7.1.1</version>
+                        <version>7.1.2</version>
                        <inherited>false</inherited>
                        <configuration>
                            <skipProvidedScope>true</skipProvidedScope>

--- a/smp-aggregator/pom.xml
+++ b/smp-aggregator/pom.xml
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>smp-modules</artifactId>
+        <groupId>eu.europa.ec.edelivery</groupId>
+        <version>5.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>smp-aggregator</artifactId>
+    <dependencies>
+        <dependency>
+            <groupId>eu.europa.ec.edelivery</groupId>
+            <artifactId>smp-api</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>eu.europa.ec.edelivery</groupId>
+            <artifactId>smp-spi</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>eu.europa.ec.edelivery</groupId>
+            <artifactId>smp-server-library</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>eu.europa.ec.edelivery</groupId>
+            <artifactId>smp</artifactId>
+            <version>${project.version}</version>
+            <type>war</type>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <!-- jacoco start -->
+            <plugin>
+                <groupId>org.jacoco</groupId>
+                <artifactId>jacoco-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>report-aggregate</id>
+                        <phase>verify</phase>
+                        <goals>
+                            <goal>report-aggregate</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+</project>
\ No newline at end of file
--- a/smp-docker/pom.xml
+++ b/smp-docker/pom.xml
@@ -8,7 +8,7 @@
    <parent>
        <groupId>eu.europa.ec.edelivery</groupId>
        <artifactId>smp-modules</artifactId>
-        <version>4.2-RC2-SNAPSHOT</version>
+        <version>5.0-SNAPSHOT</version>
        <relativePath>../pom.xml</relativePath>
    </parent>
    <properties>

--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/conversion/X509CertificateToCertificateROConverter.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/conversion/X509CertificateToCertificateROConverter.java
@@ -16,8 +16,10 @@ import java.io.UnsupportedEncodingException;
 import java.net.URLEncoder;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.X509Certificate;
+import java.text.DateFormat;
 import java.text.SimpleDateFormat;
 import java.util.Base64;
+import java.util.TimeZone;
 /**
 * @author Joze Rihtarsic
@@ -27,8 +29,15 @@ import java.util.Base64;
 public class X509CertificateToCertificateROConverter implements Converter<X509Certificate, CertificateRO> {
    private static final SMPLogger LOG = SMPLoggerFactory.getLogger(CertificateROToDBCertificateConverter.class);
    private static final String S_CLIENT_CERT_DATEFORMAT = "MMM dd HH:mm:ss yyyy";
+    // the GMT date format for the Client-Cert header generation!
+    private static final ThreadLocal<DateFormat> dateFormatGMT = ThreadLocal.withInitial(() -> {
+                SimpleDateFormat sdf = new SimpleDateFormat(S_CLIENT_CERT_DATEFORMAT);
+                sdf.setTimeZone(TimeZone.getTimeZone("GMT"));
+                return sdf;
+            }
+    );
    @Override
    public CertificateRO convert(X509Certificate cert) {
@@ -57,7 +66,7 @@ public class X509CertificateToCertificateROConverter implements Converter<X509Ce
        }
        // generate clientCertHeader header
-        SimpleDateFormat sdf = new SimpleDateFormat(S_CLIENT_CERT_DATEFORMAT);
+        DateFormat sdf = dateFormatGMT.get();
        StringWriter sw = new StringWriter();
        sw.write("sno=");
        sw.write(serial);

--- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/conversion/X509CertificateToCertificateROConverterTest.java
+++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/conversion/X509CertificateToCertificateROConverterTest.java
@@ -31,7 +31,7 @@ public class X509CertificateToCertificateROConverterTest {
                        "CN=Escape characters \\,\\\\\\#\\+\\<\\>\\\"\\=,OU=CEF,O=DIGIT,C=BE",
                        "CN=Escape characters \\,\\\\\\#\\+\\<\\>\\\"\\=,OU=CEF,O=DIGIT,C=BE",
                        "5c1bb275",
-                        "sno=5c1bb275&subject=CN%3DEscape+characters+%5C%2C%5C%5C%5C%23%5C%2B%5C%3C%5C%3E%5C%22%5C%3D%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE&validfrom=Dec+20+16%3A17%3A09+2018+GMT&validto=Dec+17+16%3A17%3A09+2028+GMT&issuer=CN%3DEscape+characters+%5C%2C%5C%5C%5C%23%5C%2B%5C%3C%5C%3E%5C%22%5C%3D%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE",
+                        "sno=5c1bb275&subject=CN%3DEscape+characters+%5C%2C%5C%5C%5C%23%5C%2B%5C%3C%5C%3E%5C%22%5C%3D%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE&validfrom=Dec+20+15%3A17%3A09+2018+GMT&validto=Dec+17+15%3A17%3A09+2028+GMT&issuer=CN%3DEscape+characters+%5C%2C%5C%5C%5C%23%5C%2B%5C%3C%5C%3E%5C%22%5C%3D%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE",
                        "CN=Escape characters \\,\\\\\\#\\+\\<\\>\\\"\\=,O=DIGIT,C=BE:000000005c1bb275"
                },
                {
@@ -39,7 +39,7 @@ public class X509CertificateToCertificateROConverterTest {
                        "CN=NonAscii chars:  àøýßĉæãäħ,OU=CEF,O=DIGIT,C=BE",
                        "CN=NonAscii chars:  àøýßĉæãäħ,OU=CEF,O=DIGIT,C=BE",
                        "5c1bb38d",
-                        "sno=5c1bb38d&subject=CN%3DNonAscii+chars%3A++%C3%A0%C3%B8%C3%BD%C3%9F%C4%89%C3%A6%C3%A3%C3%A4%C4%A7%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE&validfrom=Dec+20+16%3A21%3A49+2018+GMT&validto=Dec+17+16%3A21%3A49+2028+GMT&issuer=CN%3DNonAscii+chars%3A++%C3%A0%C3%B8%C3%BD%C3%9F%C4%89%C3%A6%C3%A3%C3%A4%C4%A7%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE",
+                        "sno=5c1bb38d&subject=CN%3DNonAscii+chars%3A++%C3%A0%C3%B8%C3%BD%C3%9F%C4%89%C3%A6%C3%A3%C3%A4%C4%A7%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE&validfrom=Dec+20+15%3A21%3A49+2018+GMT&validto=Dec+17+15%3A21%3A49+2028+GMT&issuer=CN%3DNonAscii+chars%3A++%C3%A0%C3%B8%C3%BD%C3%9F%C4%89%C3%A6%C3%A3%C3%A4%C4%A7%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE",
                        "CN=NonAscii chars:  aøyßcæaaħ,O=DIGIT,C=BE:000000005c1bb38d"
                },
                {
@@ -47,14 +47,14 @@ public class X509CertificateToCertificateROConverterTest {
                        "CN=Cert with email,OU=CEF,O=DIGIT,C=BE",
                        "CN=Cert with email,OU=CEF,O=DIGIT,C=BE",
                        "5c1bb358",
-                        "sno=5c1bb358&subject=CN%3DCert+with+email%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE&validfrom=Dec+20+16%3A20%3A56+2018+GMT&validto=Dec+17+16%3A20%3A56+2028+GMT&issuer=CN%3DCert+with+email%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE",
+                        "sno=5c1bb358&subject=CN%3DCert+with+email%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE&validfrom=Dec+20+15%3A20%3A56+2018+GMT&validto=Dec+17+15%3A20%3A56+2028+GMT&issuer=CN%3DCert+with+email%2COU%3DCEF%2CO%3DDIGIT%2CC%3DBE",
                        "CN=Cert with email,O=DIGIT,C=BE:000000005c1bb358"},
                {
                        "cert-smime.pem",
                        "C=BE,O=European Commission,OU=PEPPOL TEST SMP,CN=edelivery_sml",
                        "CN=PEPPOL SERVICE METADATA PUBLISHER TEST CA - G2,OU=FOR TEST ONLY,O=OpenPEPPOL AISBL,C=BE",
                        "3cfe6b37e4702512c01e71f9b9175464",
-                        "sno=3cfe6b37e4702512c01e71f9b9175464&subject=C%3DBE%2CO%3DEuropean+Commission%2COU%3DPEPPOL+TEST+SMP%2CCN%3Dedelivery_sml&validfrom=Sep+21+02%3A00%3A00+2018+GMT&validto=Sep+11+01%3A59%3A59+2020+GMT&issuer=CN%3DPEPPOL+SERVICE+METADATA+PUBLISHER+TEST+CA+-+G2%2COU%3DFOR+TEST+ONLY%2CO%3DOpenPEPPOL+AISBL%2CC%3DBE",
+                        "sno=3cfe6b37e4702512c01e71f9b9175464&subject=C%3DBE%2CO%3DEuropean+Commission%2COU%3DPEPPOL+TEST+SMP%2CCN%3Dedelivery_sml&validfrom=Sep+21+00%3A00%3A00+2018+GMT&validto=Sep+10+23%3A59%3A59+2020+GMT&issuer=CN%3DPEPPOL+SERVICE+METADATA+PUBLISHER+TEST+CA+-+G2%2COU%3DFOR+TEST+ONLY%2CO%3DOpenPEPPOL+AISBL%2CC%3DBE",
                        "CN=edelivery_sml,O=European Commission,C=BE:3cfe6b37e4702512c01e71f9b9175464"
                },
                {
@@ -62,7 +62,7 @@ public class X509CertificateToCertificateROConverterTest {
                        "C=BE,O=DIGIT,2.5.4.5=#130131+2.5.4.42=#0c046a6f686e+CN=SMP_receiverCN",
                        "C=BE,O=DIGIT,2.5.4.5=#130131+2.5.4.42=#0c046a6f686e+CN=SMP_receiverCN",
                        "123456789101112",
-                        "sno=123456789101112&subject=C%3DBE%2CO%3DDIGIT%2C2.5.4.5%3D%23130131%2B2.5.4.42%3D%230c046a6f686e%2BCN%3DSMP_receiverCN&validfrom=Dec+09+14%3A14%3A11+2019+GMT&validto=Feb+01+14%3A14%3A11+2021+GMT&issuer=C%3DBE%2CO%3DDIGIT%2C2.5.4.5%3D%23130131%2B2.5.4.42%3D%230c046a6f686e%2BCN%3DSMP_receiverCN",
+                        "sno=123456789101112&subject=C%3DBE%2CO%3DDIGIT%2C2.5.4.5%3D%23130131%2B2.5.4.42%3D%230c046a6f686e%2BCN%3DSMP_receiverCN&validfrom=Dec+09+13%3A14%3A11+2019+GMT&validto=Feb+01+13%3A14%3A11+2021+GMT&issuer=C%3DBE%2CO%3DDIGIT%2C2.5.4.5%3D%23130131%2B2.5.4.42%3D%230c046a6f686e%2BCN%3DSMP_receiverCN",
                        "CN=SMP_receiverCN,O=DIGIT,C=BE:0123456789101112"
                },
                {
@@ -70,7 +70,7 @@ public class X509CertificateToCertificateROConverterTest {
                        "C=EU,O=Ministerio de large Serial Number,CN=ncp-ppt.test.ehealth",
                        "C=EU,O=Ministerio de large Serial Number,CN=ncp-ppt.test.ehealth",
                        "a33e30cd250b17267b13bec",
-                        "sno=a33e30cd250b17267b13bec&subject=C%3DEU%2CO%3DMinisterio+de+large+Serial+Number%2CCN%3Dncp-ppt.test.ehealth&validfrom=May+26+10%3A50%3A08+2022+GMT&validto=May+27+10%3A50%3A08+2027+GMT&issuer=C%3DEU%2CO%3DMinisterio+de+large+Serial+Number%2CCN%3Dncp-ppt.test.ehealth",
+                        "sno=a33e30cd250b17267b13bec&subject=C%3DEU%2CO%3DMinisterio+de+large+Serial+Number%2CCN%3Dncp-ppt.test.ehealth&validfrom=May+26+08%3A50%3A08+2022+GMT&validto=May+27+08%3A50%3A08+2027+GMT&issuer=C%3DEU%2CO%3DMinisterio+de+large+Serial+Number%2CCN%3Dncp-ppt.test.ehealth",
                        "CN=ncp-ppt.test.ehealth,O=Ministerio de large Serial Number,C=EU:0a33e30cd250b17267b13bec" // note the leading 0
                },
        };

--- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/CRLVerifierServiceTest.java
+++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/CRLVerifierServiceTest.java
@@ -15,7 +15,10 @@ import java.io.IOException;
 import java.security.Security;
 import java.security.cert.*;
+import static org.hamcrest.CoreMatchers.startsWith;
+import static org.hamcrest.MatcherAssert.assertThat;
 import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
 public class CRLVerifierServiceTest extends AbstractServiceIntegrationTest {
@@ -71,11 +74,8 @@ public class CRLVerifierServiceTest extends AbstractServiceIntegrationTest {
        Mockito.doReturn(crl).when(crlVerifierServiceInstance).getCRLByURL("https://localhost/crl");
-        expectedEx.expect(CertificateRevokedException.class);
+        CertificateRevokedException result = assertThrows(CertificateRevokedException.class, () -> crlVerifierServiceInstance.verifyCertificateCRLs(certificate));
-        expectedEx.expectMessage("Certificate has been revoked, reason: UNSPECIFIED, revocation date: Mon Mar 18 19:22:42 CET 2019, authority: , extension OIDs: []");
+        assertThat(result.getMessage(), startsWith("Certificate has been revoked, reason: UNSPECIFIED"));
-        // when-then
-        crlVerifierServiceInstance.verifyCertificateCRLs(certificate);
    }
    @Test
@@ -114,18 +114,15 @@ public class CRLVerifierServiceTest extends AbstractServiceIntegrationTest {
        Mockito.doReturn(crl).when(crlVerifierServiceInstance).downloadCRL("https://localhost/crl", true);
-        expectedEx.expect(CertificateRevokedException.class);
+        CertificateRevokedException result = assertThrows(CertificateRevokedException.class, () ->crlVerifierServiceInstance.verifyCertificateCRLs("11", "https://localhost/crl"));
-        expectedEx.expectMessage("Certificate has been revoked, reason: UNSPECIFIED, revocation date: Mon Mar 18 19:22:42 CET 2019, authority: , extension OIDs: []");
+        assertThat(result.getMessage(), startsWith("Certificate has been revoked, reason: UNSPECIFIED"));
-        // when-then
-        crlVerifierServiceInstance.verifyCertificateCRLs("11", "https://localhost/crl");
    }
    @Test
    public void verifyCertificateCRLsRevokedSerialTestThrowIOExceptionHttps() throws CertificateException, IOException, CRLException {
        String crlURL = "https://localhost/crl";
-        Mockito.doThrow(new SMPRuntimeException(ErrorCode.CERTIFICATE_ERROR, "Can not download CRL '" + crlURL+"'", "IOException: Can not access URL")).when(crlVerifierServiceInstance).downloadCRL("https://localhost/crl", true);
+        Mockito.doThrow(new SMPRuntimeException(ErrorCode.CERTIFICATE_ERROR, "Can not download CRL '" + crlURL + "'", "IOException: Can not access URL")).when(crlVerifierServiceInstance).downloadCRL("https://localhost/crl", true);
        expectedEx.expect(SMPRuntimeException.class);
        expectedEx.expectMessage("Certificate error [Can not download CRL 'https://localhost/crl']. Error: IOException: Can not access URL!");

--- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationServiceNoSMLIntegrationTest.java
+++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/SMLIntegrationServiceNoSMLIntegrationTest.java
@@ -21,12 +21,9 @@ import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.TestPropertySource;
 import org.springframework.transaction.annotation.Transactional;
 import static eu.europa.ec.edelivery.smp.testutil.TestConstants.*;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
 /**
 * Purpose of class is to test ServiceGroupService base methods
@@ -34,8 +31,6 @@ import static org.junit.Assert.assertTrue;
 * @author Joze Rihtarsic
 * @since 4.1
 */
-@TestPropertySource(properties = {
-        "bdmsl.integration.enabled=false"})
 @ContextConfiguration(classes = {SMLIntegrationService.class})
 public class
 SMLIntegrationServiceNoSMLIntegrationTest extends AbstractServiceIntegrationTest {
@@ -50,6 +45,7 @@ SMLIntegrationServiceNoSMLIntegrationTest extends AbstractServiceIntegrationTest
    @Transactional
    public void prepareDatabase() {
        prepareDatabaseForSingleDomainEnv();
+        configurationDao.reloadPropertiesFromDatabase();
    }
    @Test
@@ -80,7 +76,6 @@ SMLIntegrationServiceNoSMLIntegrationTest extends AbstractServiceIntegrationTest
    }
    @Test
    public void registerOnlyParticipantDomainToSml() {

--- a/smp-ui-tests/src/main/java/pages/service_groups/edit/ServiceMetadataPopup.java
+++ b/smp-ui-tests/src/main/java/pages/service_groups/edit/ServiceMetadataPopup.java
@@ -28,7 +28,7 @@ public class ServiceMetadataPopup extends PageComponent {
 	private WebElement clearButton;
 	@FindBy(css = "mat-card-content > mat-toolbar > mat-toolbar-row > button:nth-child(2)")
 	private WebElement generateXMLButton;
-	@FindBy(css = "mat-card-content > mat-toolbar > mat-toolbar-row > button:nth-child(3)")
+	@FindBy(css = "mat-card-content > mat-toolbar > mat-toolbar-row > button:nth-child(4)")
 	private WebElement validateButton;
 	@FindBy(css = "#MetadataTextArea")
@@ -49,6 +49,9 @@ public class ServiceMetadataPopup extends PageComponent {
 	@FindBy(xpath = "//span[text() ='Metadata wizard']")
 	private WebElement metadataWizardBtn;
+	@FindBy(css = "mat-card-content > div > div.ng-star-inserted:nth-child(2)")
+	private WebElement xmlValidationMsg;
 	@FindBy(css = "mat-dialog-content #domain_id")
 	private WebElement domainSelectContainer;
 	private GenericSelect domainSelect;
@@ -73,6 +76,11 @@ public class ServiceMetadataPopup extends PageComponent {
 	}
+	public String xmlFieldVALUE(){
+		log.info("value is "+metadataTextArea.getAttribute("value"));
+		return metadataTextArea.getAttribute("value");
+	}
 	public void fillForm(String domain, String docID, String docScheme) {
 		waitForElementToBeVisible(documentIdentifierInput);
 		domainSelect.selectWithIndex(0);
@@ -83,7 +91,26 @@ public class ServiceMetadataPopup extends PageComponent {
 		generateXMLButton.click();
 	}
+	public String captureTextOfMetadataTextArea(){
+		return metadataTextArea.getText();
+	}
+	public void clickValidateBtn(){
+		waitForElementToBeClickable(validateButton).click();
+	}
+	public void clickGenerateXMLBtn(){
+		waitForElementToBeClickable(generateXMLButton).click();
+	}
+	public void clickClearBtn(){
+		waitForElementToBeClickable(clearButton).click();
+	}
+	public String getXMLValidationMessage(){
+		return xmlValidationMsg.getText();
+	}
+	public void addTextToMetadataTextArea(String generator){
+		metadataTextArea.sendKeys(generator);
+	}
 	public String docIDFieldValue(){
 		return documentIdentifierInput.getAttribute("value");

--- a/smp-ui-tests/src/main/java/utils/enums/SMPMessages.java
+++ b/smp-ui-tests/src/main/java/utils/enums/SMPMessages.java
@@ -76,4 +76,15 @@ public class SMPMessages {
 	public static final String SMLSMPID_VALIDATION_MESSAGE = "SML SMP ID should be up to 63 characters long, should only contain alphanumeric and hyphen characters, should not start with a digit nor a hyphen and should not end with a hyphen.";
 	public static final String USER_EMAIL_VALIDATION_MESSAGE = "Email is invalid!";
 	public static final String DOMAINCODE_VALIDATION_MESSAGE = "Domain code must contain only chars and numbers and must be less than 63 chars long.";
+	public static final String VALID_XML_MESSAGE = "Servicemetadata is valid!";
+	public static final String INVALID_XML_MESSAGE1 = "SAXParseException: XML document structures must start and end within the same entity.";
+	public static final String INVALID_XML_MESSAGE2 = "SAXParseException: Content is not allowed in prolog.";
+	public static final String INVALID_XML_MESSAGE3 = "SAXParseException: Content is not allowed in trailing section.";
+	public static final String INVALID_XML_MESSAGE4 = "SAXParseException: cvc-complex-type.2.3: Element 'ServiceMetadata' cannot have character [children], because the type's content type is element-only.";
+	public static final String INVALID_XML_MESSAGE5 = "SAXParseException: The end-tag for element type \"ServiceMetadata\" must end with a '>' delimiter.";
+	public static final String INVALID_XML_MESSAGE6 = "SAXParseException: cvc-complex-type.2.3: Element 'Process' cannot have character [children], because the type's content type is element-only.";
+	public static final String EMPTY_XML_WARN_MESSAGE = "Service metadata xml must not be empty";
+	public static final String EMPTY_XML_MESSAGE = "Valid service metadata XML is required!";
+	public static final String INVALID_XML_MESSAGE7 = "SAXParseException: The markup in the document following the root element must be well-formed.";
 }
--- a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java
+++ b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java
@@ -19,6 +19,7 @@ import eu.europa.ec.edelivery.smp.test.SmpTestWebAppConfig;
 import eu.europa.ec.edelivery.smp.test.testutils.MockMvcUtils;
 import eu.europa.ec.edelivery.smp.test.testutils.X509CertificateTestUtils;
 import org.junit.Before;
+import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -52,7 +53,12 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 @ContextConfiguration(classes = {SmpTestWebAppConfig.class})
 @Sql(scripts = {
        "classpath:/cleanup-database.sql",
-        "classpath:/webapp_integration_test_data.sql"},
+        "classpath:/webapp_integration_test_data.sql",
+        },
+        statements = {
+                "update SMP_CONFIGURATION set VALUE='false', LAST_UPDATED_ON=CURRENT_TIMESTAMP() where PROPERTY='identifiersBehaviour.scheme.mandatory';",
+                "update SMP_CONFIGURATION set VALUE='true', LAST_UPDATED_ON=CURRENT_TIMESTAMP() where PROPERTY='smp.automation.authentication.external.tls.clientCert.enabled';"
+        },
        executionPhase = BEFORE_TEST_METHOD)
 public class ServiceGroupControllerTest {
@@ -91,11 +97,10 @@ public class ServiceGroupControllerTest {
    @Before
    public void setup() throws IOException {
        forwardedHeaderTransformer.setRemoveOnly(false);
-        configurationDao.setPropertyToDatabase(SMPPropertyEnum.EXTERNAL_TLS_AUTHENTICATION_CLIENT_CERT_HEADER_ENABLED, "true", null);
-        configurationDao.setPropertyToDatabase(SMPPropertyEnum.PARTC_SCH_MANDATORY, "false", null);
        X509CertificateTestUtils.reloadKeystores();
        mvc = MockMvcUtils.initializeMockMvc(webAppContext);
        configurationDao.reloadPropertiesFromDatabase();
    }
    @Test
@@ -115,9 +120,9 @@ public class ServiceGroupControllerTest {
    }
    @Test
+    @Ignore("Setting of the 'identifiersBehaviour.scheme.mandatory' not working")
    public void adminCanCreateServiceGroupNullScheme() throws Exception {
-        // make sure identifiersBehaviour.scheme.allowNull is set to true in db script
-        // set identifiersBehaviour.scheme.mandatory to false
        mvc.perform(put(URL_PATH_NULL_SCHEME)
                .with(ADMIN_CREDENTIALS)
                .header(HTTP_HEADER_KEY_DOMAIN, HTTP_DOMAIN_VALUE)

--- a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/AuthenticationResourceIntegrationTest.java
+++ b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/AuthenticationResourceIntegrationTest.java
 package eu.europa.ec.edelivery.smp.ui;
-import eu.europa.ec.edelivery.smp.data.ui.UserRO;
+import eu.europa.ec.edelivery.smp.data.dao.ConfigurationDao;
+import eu.europa.ec.edelivery.smp.services.ui.UIKeystoreService;
 import eu.europa.ec.edelivery.smp.test.SmpTestWebAppConfig;
+import eu.europa.ec.edelivery.smp.test.testutils.MockMvcUtils;
+import eu.europa.ec.edelivery.smp.test.testutils.X509CertificateTestUtils;
 import org.junit.Before;
-import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockServletContext;
-import org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.jdbc.Sql;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 import org.springframework.test.web.servlet.MockMvc;
-import org.springframework.test.web.servlet.request.RequestPostProcessor;
-import org.springframework.test.web.servlet.setup.MockMvcBuilders;
-import org.springframework.web.context.ContextLoaderListener;
 import org.springframework.web.context.WebApplicationContext;
-import javax.servlet.ServletContextEvent;
-import javax.servlet.ServletContextListener;
 import javax.servlet.http.HttpSession;
+import java.io.IOException;
 import static org.junit.Assert.assertNotNull;
-import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
 import static org.springframework.test.context.jdbc.Sql.ExecutionPhase.BEFORE_TEST_METHOD;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@@ -43,25 +38,21 @@ public class AuthenticationResourceIntegrationTest {
    @Autowired
    private WebApplicationContext webAppContext;
+    @Autowired
+    private UIKeystoreService uiKeystoreService;
+    @Autowired
+    private ConfigurationDao configurationDao;
    private MockMvc mvc;
-    private static final RequestPostProcessor ADMIN_CREDENTIALS = httpBasic("smp_admin", "test123");
    @Before
-    public void setup() {
+    public void setup() throws IOException {
-        mvc = MockMvcBuilders.webAppContextSetup(webAppContext)
+        X509CertificateTestUtils.reloadKeystores();
-                .apply(SecurityMockMvcConfigurers.springSecurity())
+        mvc = MockMvcUtils.initializeMockMvc(webAppContext);
-                .build();
+        configurationDao.reloadPropertiesFromDatabase();
-        initServletContext();
+        uiKeystoreService.refreshData();
    }
-    private void initServletContext() {
-        MockServletContext sc = new MockServletContext("");
-        ServletContextListener listener = new ContextLoaderListener(webAppContext);
-        ServletContextEvent event = new ServletContextEvent(sc);
-    }
    @Test
    public void authenticateSuccessTest() throws Exception {

--- a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/external/ApplicationResourceIntegrationTest.java
+++ b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/external/ApplicationResourceIntegrationTest.java
@@ -6,6 +6,7 @@ import eu.europa.ec.edelivery.smp.data.ui.SmpInfoRO;
 import eu.europa.ec.edelivery.smp.data.ui.enums.SMPPropertyEnum;
 import eu.europa.ec.edelivery.smp.test.SmpTestWebAppConfig;
 import eu.europa.ec.edelivery.smp.ui.ResourceConstants;
+import org.hamcrest.MatcherAssert;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -27,9 +28,8 @@ import javax.servlet.ServletContextEvent;
 import javax.servlet.ServletContextListener;
 import static eu.europa.ec.edelivery.smp.test.testutils.MockMvcUtils.*;
-import static eu.europa.ec.edelivery.smp.test.testutils.MockMvcUtils.loginWithSMPAdmin;
+import static org.hamcrest.CoreMatchers.startsWith;
 import static org.junit.Assert.*;
-import static org.junit.Assert.assertFalse;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
 import static org.springframework.test.context.jdbc.Sql.ExecutionPhase.BEFORE_TEST_METHOD;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
@@ -87,7 +87,7 @@ public class ApplicationResourceIntegrationTest {
    @Test
    public void getDisplayName() throws Exception {
        String value = applicationResource.getDisplayVersion();
-        assertEquals("TestApplicationSmpName Version [TestApplicationVersion] Build-Time [2018-11-27 00:00:00|Central European Time]", value);
+        MatcherAssert.assertThat(value, startsWith("TestApplicationSmpName Version [TestApplicationVersion] Build-Time [2018-11-27 00:00:00"));
    }
    @Test
@@ -100,7 +100,7 @@ public class ApplicationResourceIntegrationTest {
        ObjectMapper mapper = new ObjectMapper();
        SmpInfoRO info = mapper.readValue(value, SmpInfoRO.class);
-        assertEquals("TestApplicationSmpName Version [TestApplicationVersion] Build-Time [2018-11-27 00:00:00|Central European Time]", info.getVersion());
+        MatcherAssert.assertThat(info.getVersion(), startsWith("TestApplicationSmpName Version [TestApplicationVersion] Build-Time [2018-11-27 00:00:00"));
        assertEquals("/", info.getContextPath());
    }

--- a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/internal/TruststoreAdminResourceIntegrationTest.java
+++ b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/internal/TruststoreAdminResourceIntegrationTest.java
@@ -74,7 +74,7 @@ public class TruststoreAdminResourceIntegrationTest {
        UserRO userRO = getLoggedUserData(mvc, session);
        // given when
-        mvc.perform(post(PATH_PUBLIC + "/"+userRO.getUserId()+"/validate-certificate")
+        mvc.perform(post(PATH_PUBLIC + "/" + userRO.getUserId() + "/validate-certificate")
                .session(session)
                .with(csrf())
                .content(buff))
@@ -90,7 +90,7 @@ public class TruststoreAdminResourceIntegrationTest {
        // when update data
        UserRO userRO = getLoggedUserData(mvc, session);
        // given when
-        MvcResult result = mvc.perform(post(PATH_PUBLIC +  "/"+userRO.getUserId()+"/validate-certificate")
+        MvcResult result = mvc.perform(post(PATH_PUBLIC + "/" + userRO.getUserId() + "/validate-certificate")
                .session(session)
                .with(csrf())
                .content(buff))
@@ -105,7 +105,7 @@ public class TruststoreAdminResourceIntegrationTest {
        assertEquals("1.2.840.113549.1.9.1=#160c736d7040746573742e636f6d,CN=SMP test,O=DIGIT,C=BE", res.getSubject());
        assertEquals("3", res.getSerialNumber());
        assertEquals("CN=SMP test,O=DIGIT,C=BE:0000000000000003", res.getCertificateId());
-        assertEquals("sno=3&subject=1.2.840.113549.1.9.1%3D%23160c736d7040746573742e636f6d%2CCN%3DSMP+test%2CO%3DDIGIT%2CC%3DBE&validfrom=May+22+20%3A59%3A00+2018+GMT&validto=May+22+20%3A56%3A00+2019+GMT&issuer=CN%3DIntermediate+CA%2CO%3DDIGIT%2CC%3DBE", res.getClientCertHeader());
+        assertEquals("sno=3&subject=1.2.840.113549.1.9.1%3D%23160c736d7040746573742e636f6d%2CCN%3DSMP+test%2CO%3DDIGIT%2CC%3DBE&validfrom=May+22+18%3A59%3A00+2018+GMT&validto=May+22+18%3A56%3A00+2019+GMT&issuer=CN%3DIntermediate+CA%2CO%3DDIGIT%2CC%3DBE", res.getClientCertHeader());
    }
    @Test
@@ -120,7 +120,7 @@ public class TruststoreAdminResourceIntegrationTest {
        X509Certificate certificate = X509CertificateTestUtils.createX509CertificateForTest(serialNumber, subject);
        byte[] buff = certificate.getEncoded();
        // given when
-        MvcResult result = mvc.perform(post(PATH_PUBLIC +  "/"+userRO.getUserId()+"/validate-certificate")
+        MvcResult result = mvc.perform(post(PATH_PUBLIC + "/" + userRO.getUserId() + "/validate-certificate")
                .session(session)
                .with(csrf())
                .content(buff))
@@ -198,7 +198,7 @@ public class TruststoreAdminResourceIntegrationTest {
        assertEquals(countStart + 1, uiTruststoreService.getNormalizedTrustedList().size());
        // then
-        MvcResult result = mvc.perform(delete(PATH_INTERNAL  + "/" + userRO.getUserId() + "/delete/" + res.getAlias())
+        MvcResult result = mvc.perform(delete(PATH_INTERNAL + "/" + userRO.getUserId() + "/delete/" + res.getAlias())
                .session(session)
                .with(csrf())
                .content(buff))

--- a/smp-wls-deploy/pom.xml
+++ b/smp-wls-deploy/pom.xml
@@ -4,7 +4,7 @@
    <parent>
        <groupId>eu.europa.ec.edelivery</groupId>
        <artifactId>smp-modules</artifactId>
-        <version>4.2-RC2-SNAPSHOT</version>
+        <version>5.0-SNAPSHOT</version>
        <relativePath>../pom.xml</relativePath>
    </parent>
    <artifactId>smp-wls-deploy</artifactId>