Commit aac8e4cc authored by cdanger's avatar cdanger
Browse files

Merge branch 'release/10.0.0'

parents 17fe216f a2772ee1
name: CI
'on':
push:
branches:
- develop
pull_request:
branches:
- develop
jobs:
unit-test:
name: Unit Tests
runs-on: ubuntu-latest
steps:
- name: Git checkout
uses: actions/checkout@v2
- name: Use Java 8
uses: actions/setup-java@v1
with:
java-version: 8
- name: 'Unit Tests with Java 8'
run: |
mvn install -DskipTests=true -Dmaven.javadoc.skip=true -B -V
mvn test -B
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COVERALLS_TOKEN: ${{ secrets.COVERALLS_TOKEN }}
\ No newline at end of file
......@@ -4,3 +4,5 @@
/.README.md.html
/.CHANGELOG.md.html
/.pmd
/.idea
*.iml
language: java
jdk:
- openjdk8
......@@ -4,6 +4,40 @@ All notable changes to this project are documented in this file following the [K
Issues reported on [GitHub](https://github.com/authzforce/server/issues) are referenced in the form of `[GH-N]`, where N is the issue number. Issues reported on [OW2](https://jira.ow2.org/browse/AUTHZFORCE/) are mentioned in the form of `[OW2-N]`, where N is the issue number.
## 10.0.0
### Changed
- Upgraded AuthzForce Parent: 8.0.0:
- Upgraded to Java 11 support (Java 8 no longer supported)
- Upgraded dependencies:
- authzforce-ce-rest-api-model: 6.0.0
- authzforce-ce-jaxrs-utils: 2.0.1
- authzforce-ce-core-pdp-engine: 17.1.0
- authzforce-ce-core-pdp-io-xacml-json: 17.1.0
- authzforce-ce-core-pap-api: 11.0.0
- authzforce-ce-pap-dao-flat-file: 13.0.0
- authzforce-ce-core-pdp-api: 18.0.1
- authzforce-ce-xacml-json-model: 3.0.2
- Jakarta RESTful Web Services: 2.1.6
- JAXB (Jakarta XML Binding): 2.3.3
- Apache CXF v3.4.1
- Spring Boot Starter 2.3.5
- Spring Core: 5.2.10
- jettison: 1.4.1
- org.json:json: v20190722
- org.everit.json.schema: 1.12.1
- SLF4J API: 1.7.30
### Added
- GH-61: JSON Object support in XACML/JSON Requests/Responses (as defined by JSON Profile of XACML), allowing custom XACML datatypes with JSON object structures.
- Support for validation of XACML/JSON requests (JSON Profile) with custom JSON schema stored in configuration directory, using new webapp environment property (e.g. specified in Tomcat webapp context) `org.ow2.authzforce.domains.xacmlJsonSchemaRelativePath` to be specified in `/etc/tomcat9/<Engine>/<Host>/authzforce-ce.xml` (more info in [webapp-context.xml](dist/src/webapp-context.xml) )
### Fixed
- GH-62: duplicate declaration of namespace prefix now allowed
- CVE on jackson-databind -> v2.9.10.8
- CVE-2018-8088 affecting slf4j
## 9.0.1
### Fixed
- Tomcat startup error after Debian package install
......@@ -31,7 +65,7 @@ Issues reported on [GitHub](https://github.com/authzforce/server/issues) are ref
- authzforce-ce-pap-dao-flat-file: 12.0.0
### Fixed
- #46 : bad PolicySets pushed to the /pap/policies endpoint are still saved on server side even if a HTTP 400 Bad Request is returned.
- GH-46: bad PolicySets pushed to the /pap/policies endpoint are still saved on server side even if a HTTP 400 Bad Request is returned.
- Issues with XACML/JSON responses (XACML JSON Profile)
- CVE on slf4j
......
......@@ -7,7 +7,7 @@
[![Support badge](https://img.shields.io/badge/support-ask.fiware.org-yellowgreen.svg)](https://ask.fiware.org/questions/scope:all/sort:activity-desc/tags:authzforce/)
<br/>
[![Documentation badge](https://readthedocs.org/projects/authzforce-ce-fiware/badge/?version=latest)](http://authzforce-ce-fiware.readthedocs.io/en/latest/?badge=latest)
[![Build Status](https://travis-ci.org/authzforce/server.svg?branch=develop)](https://travis-ci.org/authzforce/server)
[![CI](https://github.com/authzforce/server/workflows/CI/badge.svg)](https://github.com/authzforce/server/actions?query=workflow%3ACI)
![Status](https://nexus.lab.fiware.org/static/badges/statuses/authzforce.svg)
[![Codacy Badge](https://api.codacy.com/project/badge/Grade/cdb9dd59cbf04a95bfbfbdcf770bb7d8)](https://www.codacy.com/app/coder103/authzforce-ce-server?utm_source=github.com&utm_medium=referral&utm_content=authzforce/server&utm_campaign=Badge_Grade)
[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fauthzforce%2Fserver.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2Fauthzforce%2Fserver?ref=badge_shield)
......@@ -67,6 +67,7 @@ applications, AuthzForce also provides a PDP engine as a Java library in
validation;
- DoS mitigation: JSON parser variant checking max JSON string size,
max number of JSON keys/array items and max JSON object depth.
- [GeoXACML 1.0.1](http://portal.opengeospatial.org/files/?artifact_id=42734). Supported as third-party extension from [Secure Dimensions](https://github.com/securedimensions/authzforce-geoxacml-basic)
- Experimental support for:
- [XACML Data Loss Prevention / Network Access Control (DLP/NAC) Profile Version 1.0](http://docs.oasis-open.org/xacml/xacml-3.0-dlp-nac/v1.0/xacml-3.0-dlp-nac-v1.0.html):
only `dnsName-value` datatype and `dnsName-value-equal` function are
......@@ -147,10 +148,10 @@ More information in the previous section.
- Conformance with
[REST Profile of XACML v3.0 Version 1.0](http://docs.oasis-open.org/xacml/xacml-rest/v1.0/xacml-rest-v1.0.html)
- Supported data formats, aka content types:
- `application/xml`: XML based on API schema;
- `application/fastinfoset`: [Fast Infoset](http://www.itu.int/en/ITU-T/asn1/Pages/Fast-Infoset.aspx) based on API's XML schema;
- `application/json`: JSON based on API's XMLschema with a generic XML-to-JSON mapping convention
- `application/xacml+xml`: XACML content only, as defined by [RFC 7061](https://tools.ietf.org/html/rfc7061)
- `application/xml`: XML based on API schema;
- `application/fastinfoset`: [Fast Infoset](http://www.itu.int/en/ITU-T/asn1/Pages/Fast-Infoset.aspx) based on API's XML schema;
- `application/json`: JSON based on API's XMLschema with a generic XML-to-JSON mapping convention
- `application/xacml+xml`: XACML content only, as defined by [RFC 7061](https://tools.ietf.org/html/rfc7061)
- `application/xacml+json`: JSON format for XACML Request/Response on PDP only, as defined by [XACML v3.0 - JSON Profile Version 1.0](http://docs.oasis-open.org/xacml/xacml-json-http/v1.0/xacml-json-http-v1.0.html)
- Defined in standard
[Web Application Description Language and XML schema](https://github.com/authzforce/rest-api-model/tree/develop/src/main/resources)
......@@ -249,7 +250,7 @@ forwards the request to the web service implementation if the decision is
Permit, else rejects it. For more information, see the Javadoc of
[RESTfulPdpBasedAuthzInterceptorTest](webapp/src/test/java/org/ow2/authzforce/webapp/test/pep/cxf/RESTfulPdpBasedAuthzInterceptorTest.java).
## Testing
To run unit tests, install Maven and type
......@@ -318,7 +319,7 @@ $ mvn -Dhttps.proxyHost=proxyhostname -Dhttps.proxyPort=8080 jgitflow:release-st
```console
$ mvn -Dhttps.proxyHost=proxyhostname -Dhttps.proxyPort=8080 -DnoDeploy=true jgitflow:release-finish
```
More info on jgitflow: http://jgitflow.bitbucket.org/
5. Connect and log in to the OSS Nexus Repository Manager:
https://oss.sonatype.org/
......@@ -348,17 +349,17 @@ Apache License.
### Are there any legal issues with GPL 3.0? Is it safe for me to use?
There is absolutely no problem in using a product licensed under GPL 3.0. Issues with GPL
(or AGPL) licenses are mostly related with the fact that different people assign different
There is absolutely no problem in using a product licensed under GPL 3.0. Issues with GPL
(or AGPL) licenses are mostly related with the fact that different people assign different
interpretations on the meaning of the term “derivate work” used in these licenses. Due to this,
some people believe that there is a risk in just _using_ software under GPL or AGPL licenses
(even without _modifying_ it).
For the avoidance of doubt, the owners of this software licensed under an GPL 3.0 license
For the avoidance of doubt, the owners of this software licensed under an GPL 3.0 license
wish to make a clarifying public statement as follows:
> Please note that software derived as a result of modifying the source code of this
> software in order to fix a bug or incorporate enhancements is considered a derivative
> work of the product. Software that merely uses or aggregates (i.e. links to) an otherwise
> software in order to fix a bug or incorporate enhancements is considered a derivative
> work of the product. Software that merely uses or aggregates (i.e. links to) an otherwise
> unmodified version of existing software is not considered a derivative work, and therefore
> it does not need to be released as under the same license, or even released as open source.
......@@ -18,9 +18,9 @@ any time.
## Short term
The following list of features are planned to be addressed in the short term,
and incorporated in the next release of the product planned for **2020**:
and incorporated in the next release of the product planned for **2021**:
- #50 .
*N/A*
## Medium term
......@@ -28,7 +28,7 @@ The following list of features are planned to be addressed in the medium term,
typically within the subsequent release(s) generated in the next **9 months**
after next planned release:
- GeoXACML support
- #50 .
## Long term
......
......@@ -3,7 +3,7 @@
<parent>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-server</artifactId>
<version>9.0.1</version>
<version>10.0.0</version>
<relativePath>..</relativePath>
</parent>
<artifactId>authzforce-ce-server-dist</artifactId>
......
......@@ -3,7 +3,7 @@ Version: [[version]]
Section: web
Priority: optional
Architecture: all
Depends: debconf (>= 0.2.26), openjdk-8-jre | oracle-java8-installer, tomcat9
Depends: debconf (>= 0.2.26), openjdk-11-jre | oracle-java11-installer, tomcat9
Maintainer: [[productMaintainer]]
Description: AuthzForce CE Server.
Reference Implementation of FIWARE Authorization PDP Generic Enabler
......
......@@ -17,7 +17,7 @@ systemctl daemon-reload
db_get [[productId]]/restartTomcat
if [ "$RET" = true ]; then
export JAVA_OPTS='"-Djava.awt.headless=true -Djavax.xml.accessExternalSchema=all -Xms1024m -Xmx1024m -XX:+UseConcMarkSweepGC -server"'
export JAVA_OPTS='"-Djava.awt.headless=true -Djavax.xml.accessExternalSchema=all -Xms1024m -Xmx1024m -server"'
sed -i 's|^\(JAVA_OPTS\s*=\s*\).*$|\1'"$JAVA_OPTS"'|' /etc/default/tomcat9
systemctl stop tomcat9
rm -rf /var/log/tomcat9/*
......@@ -25,7 +25,7 @@ if [ "$RET" = true ]; then
fi
echo "If you answered 'No' to the second question, you need to set the JAVA_OPTS in '/etc/default/tomcat9' by yourself before restarting Tomcat:"
echo " JAVA_OPTS=\"-Djava.awt.headless=true -Djavax.xml.accessExternalSchema=all -Xms1024m -Xmx1024m -XX:+UseConcMarkSweepGC -server\""
echo " JAVA_OPTS=\"-Djava.awt.headless=true -Djavax.xml.accessExternalSchema=all -Xms1024m -Xmx1024m -server\""
echo
echo "If Tomcat fails to restart, check for any Tomcat high-level error in Tomcat log directory: /var/log/tomcat9"
echo "Then fix it, in particular check the settings in Tomcat init script /etc/default/tomcat9 and restart Tomcat as follows:"
......
......@@ -10,7 +10,7 @@ Type: boolean
Default: true
Description: Do you want to apply recommended Tomcat settings for AuthzForce (and restart Tomcat to apply changes)?
We recommend the following Tomcat settings for AuthzForce:
JAVA_OPTS='"-Djava.awt.headless=true -Djavax.xml.accessExternalSchema=all -Xms1024m -Xmx1024m -XX:+UseConcMarkSweepGC -server"'
JAVA_OPTS='"-Djava.awt.headless=true -Djavax.xml.accessExternalSchema=all -Xms1024m -Xmx1024m -server"'
Do you agree to apply these settings to Tomcat init script (/etc/default/tomcat9) now?
If you answer No, you can always apply these manually and restart Tomcat later with this command:
$ systemctl restart tomcat9
......@@ -2,7 +2,7 @@ Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: authzforce-ce-server-dist
Files: *
Copyright: Copyright (C) 2012-2020 Thales. All rights reserved.
Copyright: Copyright (C) 2012-2021 Thales. All rights reserved.
Licence: GPL-3.0
The full text of the GNU General Public
License version 3 can be found in the file
......
# Copyright (C) 2012-2020 Thales.
# Copyright (C) 2012-2021 Thales.
#
# This file is part of AuthzForce CE.
#
......@@ -23,7 +23,7 @@
# The alternative is to use FROM ubuntu:* then install tomcat ubuntu package and use upstart/sysctl init script but this is not the way to go:
# https://github.com/docker/docker/issues/6800
FROM tomcat:9-jre8
FROM tomcat:9-jre11-slim
MAINTAINER AuthzForce Team
ENV DEBIAN_FRONTEND noninteractive
......@@ -37,7 +37,7 @@ ENV DEBIAN_FRONTEND noninteractive
#ENV HTTP_PROXY 'http://user:password@proxy-host:proxy-port'
#ENV HTTPS_PROXY 'http://user:password@proxy-host:proxy-port'
ENV JAVA_OPTS="-Djava.security.egd=file:/dev/./urandom -Djava.awt.headless=true -Djavax.xml.accessExternalSchema=all -Xms1024m -Xmx1024m -XX:+UseConcMarkSweepGC -server"
ENV JAVA_OPTS="-Djava.security.egd=file:/dev/./urandom -Djava.awt.headless=true -Djavax.xml.accessExternalSchema=all -Xms1024m -Xmx1024m -server"
ENV AUTHZFORCE_SERVER_VERSION="${project.version}"
ENV AUTHZFORCE_SERVER_DOWNLOAD_URL="https://repo1.maven.org/maven2/org/ow2/authzforce/authzforce-ce-server-dist/$AUTHZFORCE_SERVER_VERSION/authzforce-ce-server-dist-$AUTHZFORCE_SERVER_VERSION.deb"
......
## AuthzForce Server CE - Minimal Docker image
This image of a minimal AuthzForce Server runtime is intended to work together with [Identity Manager - Keyrock](http://catalogue.fiware.org/enablers/identity-management-keyrock) and [PEP Proxy Wilma](http://catalogue.fiware.org/enablers/pep-proxy-wilma) generic enabler.
## Image contents
- OpenJDK JRE 8;
- Tomcat 9;
- AuthzForce Server CE (version matching the Docker image tag).
## Usage
This image gives you a minimal installation for testing purposes. The AuthzForce Installation and Administration guide on [readthedocs.org](https://readthedocs.org/projects/authzforce-ce-fiware/versions/) (select the version matching the Docker image tag, then **AuthzForce - Installation and Administration Guide**) provides you a better approach for using it in a production environment. This installation guide also gives instructions to install from .deb package (instead of Docker), which is the recommended way for Ubuntu hosts.
Create a container using `authzforce/server` image by doing (replace the first *8080* after *-p* with whatever network port you want to use on the host to access the AuthzForce Server, e.g. 80; and *release-9.0.0* with the current Docker image tag that you are using):
```
docker run -d -p 8080:8080 --name <container-name> fiware/authzforce-ce-server:release-9.0.0
```
As stands in the AuthzForce Installation and administration guide on [readthedocs.org](https://readthedocs.org/projects/authzforce-ce-fiware/versions/) (select the version matching the Docker image tag, then **AuthzForce - Installation and Administration Guide**) you can:
* **Create a domain**
```
curl -s --request POST \
--header "Accept: application/xml" \
--header "Content-Type: application/xml;charset=UTF-8" \
--data '<?xml version="1.0" encoding="UTF-8"?><taz:domainProperties xmlns:taz="http://authzforce.github.io/rest-api-model/xmlns/authz/5" />' \
http://<authzforce-container-ip>:8080/authzforce-ce/domains
```
* **Retrieve the domain ID**
```
curl -s --request GET http://<authzforce-container-ip>:8080/authzforce-ce/domains
```
* **Domain removal**
```
curl --verbose --request DELETE \
--header "Content-Type: application/xml;charset=UTF-8" \
--header "Accept: application/xml" \
http://<authzforce-container-ip>:8080/authzforce-ce/domains/<domain-id>
```
* **User and Role Management Setup && Domain Role Assignment**
These tasks are now delegated to the [Identity Manager - Keyrock](http://catalogue.fiware.org/enablers/identity-management-keyrock) enabler. Here you can find how to use the interface for that purpose: [How to manage AuthzForce in Fiware](https://www.fiware.org/devguides/handling-authorization-and-access-control-to-apis/how-to-manage-access-control-in-fiware/).
## User feedback
### Documentation
All the information regarding the Dockerfile is hosted publicly on [Github](https://github.com/authzforce/server/tree/master/src/docker).
### Issues
If you find any issue with this image, feel free to report at [Github issue tracking system](https://github.com/authzforce/server/issues).
## AuthzForce Server CE - Minimal Docker image
This image of a minimal AuthzForce Server runtime is intended to work together with [Identity Manager - Keyrock](http://catalogue.fiware.org/enablers/identity-management-keyrock) and [PEP Proxy Wilma](http://catalogue.fiware.org/enablers/pep-proxy-wilma) generic enabler.
## Image contents
- OpenJDK JRE 8;
- Tomcat 9 (since AuthzForce Server v9.0.1, else Tomcat 8 for older versions);
- AuthzForce Server CE (version matching the Docker image tag).
## Usage
This image gives you a minimal installation for testing purposes. The AuthzForce Installation and Administration guide on [readthedocs.org](https://readthedocs.org/projects/authzforce-ce-fiware/versions/) (select the version matching the Docker image tag, then **AuthzForce - Installation and Administration Guide**) provides you a better approach for using it in a production environment. This installation guide also gives instructions to install from .deb package (instead of Docker), which is the recommended way for Ubuntu hosts.
Create a container using `authzforce/server` image by doing (replace the first *8080* after *-p* with whatever network port you want to use on the host to access the AuthzForce Server, e.g. 80; and *release-9.0.1* with the current Docker image tag that you are using):
```
docker run -d -p 8080:8080 --name <container-name> authzforce/server:release-9.0.1
```
As stands in the AuthzForce Installation and administration guide on [readthedocs.org](https://readthedocs.org/projects/authzforce-ce-fiware/versions/) (select the version matching the Docker image tag, then **AuthzForce - Installation and Administration Guide**) you can:
* **Create a domain**
```
curl -s --request POST \
--header "Accept: application/xml" \
--header "Content-Type: application/xml;charset=UTF-8" \
--data '<?xml version="1.0" encoding="UTF-8"?><taz:domainProperties xmlns:taz="http://authzforce.github.io/rest-api-model/xmlns/authz/5" />' \
http://<authzforce-container-ip>:8080/authzforce-ce/domains
```
* **Retrieve the domain ID**
```
curl -s --request GET http://<authzforce-container-ip>:8080/authzforce-ce/domains
```
* **Domain removal**
```
curl --verbose --request DELETE \
--header "Content-Type: application/xml;charset=UTF-8" \
--header "Accept: application/xml" \
http://<authzforce-container-ip>:8080/authzforce-ce/domains/<domain-id>
```
* **User and Role Management Setup && Domain Role Assignment**
These tasks are now delegated to the [Identity Manager - Keyrock](http://catalogue.fiware.org/enablers/identity-management-keyrock) enabler. Here you can find how to use the interface for that purpose: [How to manage AuthzForce in Fiware](https://www.fiware.org/devguides/handling-authorization-and-access-control-to-apis/how-to-manage-access-control-in-fiware/).
## User feedback
### Documentation
All the information regarding the Dockerfile is hosted publicly on [Github](https://github.com/authzforce/server/tree/master/src/docker).
### Issues
If you find any issue with this image, feel free to report at [Github issue tracking system](https://github.com/authzforce/server/issues).
......@@ -30,7 +30,10 @@
<Environment name="org.ow2.authzforce.domains.enableXacmlJsonProfile" value="true" type="java.lang.Boolean" override="false"
description="Enable support for JSON Profile of XACML 3.0 on domains' PDP endpoints iff true" />
<!-- <Environment name="org.ow2.authzforce.webapp.publishedEndpointUrl" value="http://localhost:8080" type="java.lang.Boolean" override="false" description="Base address specified in the auto-generated
<Environment name="org.ow2.authzforce.domains.xacmlJsonSchemaRelativePath" value="" type="java.lang.String" override="false"
description="Path to JSON schema file for XACML JSON Profile's Request validation, relative to ${org.ow2.authzforce.config.dir} (if undefined/empty value, the Request.schema.json file from authzforce-ce-xacml-json-model project is used by default)" />
<!-- <Environment name="org.ow2.authzforce.webapp.publishedEndpointUrl" value="http://localhost:8080" type="java.lang.String" override="false" description="Base address specified in the auto-generated
WADL. This parameter allows setting the public URL that may not be the same as the URL the service is deployed on. (For example, the service is behind a proxy of some sort)." /> -->
<!-- <Environment name="org.ow2.authzforce.webapp.jsonKeysWithArrays" type="java.lang.String" override="false" description="Comma-separated list of JSON keys with values to be always serialized to JSON
......
......@@ -4,21 +4,21 @@
<parent>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-parent</artifactId>
<version>7.6.1</version>
<version>8.0.0</version>
</parent>
<artifactId>authzforce-ce-server</artifactId>
<!-- FIWARE Versioning + Version must be equal or higher than 'authzforce-ce-rest-api-model' dependency in 'rest-service' module -->
<version>9.0.1</version>
<version>10.0.0</version>
<packaging>pom</packaging>
<name>${project.groupId}:${project.artifactId}</name>
<description>AuthzForce CE Server</description>
<url>${project.url}</url>
<properties>
<git.url.base>https://github.com/authzforce/server</git.url.base>
<authzforce-ce-core.version>16.0.0</authzforce-ce-core.version>
<authzforce-ce-core-pap-api.version>10.1.0</authzforce-ce-core-pap-api.version>
<authzforce-ce-core.version>17.1.0</authzforce-ce-core.version>
<authzforce-ce-core-pap-api.version>11.0.0</authzforce-ce-core-pap-api.version>
<!-- Version must be compatible with authzforce-ce-core and authzforce-ce-core-pap-api versions above. -->
<authzforce-ce-pap-dao-flat-file.version>12.0.0</authzforce-ce-pap-dao-flat-file.version>
<authzforce-ce-pap-dao-flat-file.version>13.0.0</authzforce-ce-pap-dao-flat-file.version>
<productId>authzforce-ce-server</productId>
<productName>AuthzForce CE Server</productName>
<productMaintainer>THALES</productMaintainer>
......
<?xml version="1.0" encoding="ISO-8859-1"?>
<additionalHeaders>
<javadoc_style>
<firstLine>/*</firstLine>
<beforeEachLine> * </beforeEachLine>
<endLine> */</endLine>
<!--<afterEachLine></afterEachLine>-->
<!--skipLine></skipLine-->
<firstLineDetectionPattern>(\s|\t)*/\*.*$</firstLineDetectionPattern>
<lastLineDetectionPattern>.*\*/(\s|\t)*$</lastLineDetectionPattern>
<allowBlankLines>false</allowBlankLines>
<isMultiline>true</isMultiline>
<padLines>false</padLines>
</javadoc_style>
</additionalHeaders>
......@@ -4,7 +4,7 @@
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-server</artifactId>
<!-- Version must be equal or higher than authzforce-ce-rest-api-model dependency -->
<version>9.0.1</version>
<version>10.0.0</version>
<relativePath>..</relativePath>
</parent>
<artifactId>authzforce-ce-server-rest-service</artifactId>
......@@ -30,7 +30,7 @@
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>${artifactId.prefix}-rest-api-model</artifactId>
<version>5.7.0</version>
<version>6.0.0</version>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
......@@ -39,7 +39,7 @@
<dependency>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-jaxrs-utils</artifactId>
<version>1.6.0</version>
<version>2.0.1</version>
</dependency>
</dependencies>
<build>
......@@ -83,7 +83,7 @@
<resources>
<!-- Replace variable 'productName', 'project.version', 'build.date' in some source files. The result goes to ${project.build.directory}. -->
<resource>
<directory>src</directory>
<directory>src/main/resources</directory>
<filtering>true</filtering>
<includes>
<include>org.ow2.authzforce.server.product.properties</include>
......@@ -112,8 +112,8 @@
</executions>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>findbugs-maven-plugin</artifactId>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-maven-plugin</artifactId>
<executions>
<execution>
<phase>verify</phase>
......@@ -144,8 +144,11 @@
<artifactId>license-maven-plugin</artifactId>
<configuration>
<header>license/thales-gpl.header.txt</header>
<headerDefinitions>
<headerDefinition>license/header-defs.xml</headerDefinition>
</headerDefinitions>
<includes>
<include>src/**</include>
<include>src/main/java/**</include>
</includes>
<excludes>
<exclude>src/test/resources/**</exclude>
......
<?xml version="1.0"?>
<!--
This file contains some false positive bugs detected by Findbugs. Their
false positive nature has been analyzed individually and they have been
put here to instruct Findbugs to ignore them.
-->
<FindBugsFilter>
</FindBugsFilter>
\ No newline at end of file
/**
* Copyright (C) 2012-2020 THALES.
/*
* Copyright (C) 2012-2021 THALES.
*
* This file is part of AuthzForce CE.
*
......
/**
* Copyright (C) 2012-2020 THALES.
/*
* Copyright (C) 2012-2021 THALES.
*
* This file is part of AuthzForce CE.
*
......@@ -16,9 +16,6 @@
* You should have received a copy of the GNU General Public License
* along with AuthzForce CE. If not, see <http://www.gnu.org/licenses/>.
*/
/**
*
*/
package org.ow2.authzforce.rest.service.jaxrs;
import java.beans.ConstructorProperties;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment