diff --git a/api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Saml2ClientBuilder.java b/api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Saml2ClientBuilder.java
index 1bd8e94f1449caec01709b763b2bd57fa32a1cfb..a453a4c967d760873151de3ac2c5e3b42e3c6bb5 100644
--- a/api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Saml2ClientBuilder.java
+++ b/api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Saml2ClientBuilder.java
@@ -44,7 +44,7 @@ import javax.validation.constraints.NotNull;
 import org.apache.commons.lang3.StringUtils;
 import org.pac4j.core.exception.TechnicalException;
 import org.pac4j.core.util.CommonHelper;
-import org.pac4j.core.util.Pac4jConstants;
+import org.pac4j.core.context.Pac4jConstants;
 import org.pac4j.saml.client.SAML2Client;
 import org.pac4j.saml.config.SAML2Configuration;
 import org.springframework.beans.factory.annotation.Value;
diff --git a/cas/cas-server/pom.xml b/cas/cas-server/pom.xml
index 4d23a2eeddc11ebd15e05c2afa15a5912cf8c066..bca48749b6653482abcaad084b2e113b082d6027 100644
--- a/cas/cas-server/pom.xml
+++ b/cas/cas-server/pom.xml
@@ -11,20 +11,15 @@ <name>VITAMUI CAS Server</name> <properties> - <!--groovy.version>2.4.15</groovy.version> - - <spring.aop.version>4.3.20.RELEASE</spring.aop.version> - <spring.boot.version>1.5.18.RELEASE</spring.boot.version> - <spring.cloud.consul.version>1.3.0.RELEASE</spring.cloud.consul.version> - <spring.oxm.version>4.3.20.RELEASE</spring.oxm.version> - <spring.security.version>4.2.8.RELEASE</spring.security.version> - <spring.version>4.3.20.RELEASE</spring.version--> - <cas.hibernate.validator.version>6.1.0.Final</cas.hibernate.validator.version> + <spring.boot.version>2.2.0.RELEASE</spring.boot.version> + <spring.version>5.2.0.RELEASE</spring.version> + <spring.security.version>5.2.0.RELEASE</spring.security.version> <spring.test.version>5.2.0.RELEASE</spring.test.version> <swagger.version>1.5.18</swagger.version> <thymeleaf-spring5.version>3.0.11.RELEASE</thymeleaf-spring5.version> - <!--micrometer.version>1.0.1</micrometer.version--> <assertj-core.version>3.11.1</assertj-core.version> + <lombok.version>1.18.10</lombok.version> + <mockito.version>1.10.19</mockito.version> <rpm.skip>false</rpm.skip> <rpm.jar-file>${project.build.finalName}.war</rpm.jar-file> @@ -48,6 +43,18 @@ <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-reactor-netty</artifactId> </exclusion> + <exclusion> + <groupId>org.springframework.boot</groupId> + <artifactId>spring-boot-starter-json</artifactId> + </exclusion> + <exclusion> + <groupId>com.fasterxml.jackson.core</groupId> + <artifactId>jackson-databind</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </exclusion> </exclusions> </dependency> 
@@ -60,24 +67,11 @@ <scope>runtime</scope> </dependency> - <!-- Spring --> - <dependency> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-starter-aop</artifactId> - <version>${spring.boot.version}</version> - </dependency> - <!-- services registry --> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-mongo-service-registry</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <!-- authentication delegation --> 
@@ -85,67 +79,31 @@ <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-authentication</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-pac4j-webflow</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-pac4j-core</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-pac4j-core-clients</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-web</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-util</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.pac4j</groupId> 
@@ -162,28 +120,11 @@ <scope>provided</scope> </dependency> - <dependency> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-starter-data-mongodb</artifactId> - <exclusions> - <exclusion> - <groupId>org.mongodb</groupId> - <artifactId>mongodb-driver</artifactId> - </exclusion> - </exclusions> - </dependency> - <!-- tickets registry --> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-hazelcast-ticket-registry</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <!-- surrogation --> 
@@ -191,78 +132,36 @@ <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-surrogate-api</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-surrogate-authentication</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-surrogate-authentication-rest</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-surrogate-webflow</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-configuration</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-webflow</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-services-api</artifactId> <version>${cas.version}</version> - <exclusions> - 
<exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <!-- password management --> @@ -270,56 +169,26 @@ <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-pm-rest</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-pm</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-pm-webflow</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-pm-core</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <!-- multi-factor authentication --> 
@@ -327,23 +196,11 @@ <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-authentication-mfa</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-sms-twilio</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <!-- throttling --> @@ -351,12 +208,6 @@ <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-throttle</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <!-- CustomInitialFlowSetupAction --> 
@@ -364,45 +215,21 @@ <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-actions</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-cookie-api</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-web-api</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-authentication-api</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <!-- others --> 
@@ -410,56 +237,26 @@ <groupId>org.apereo.cas</groupId> <artifactId>cas-server-webapp-init</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-tickets</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-services-authentication</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-core-webflow-api</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-saml-core</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <!-- OAuth support --> 
@@ -467,96 +264,51 @@ <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-oauth-webflow</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-oauth</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-oauth-api</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-oauth-core</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-token-core-api</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-oauth-core-api</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apereo.cas</groupId> <artifactId>cas-server-support-oauth-services</artifactId> <version>${cas.version}</version> - <exclusions> - <exclusion> - 
<groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> </dependency> - <!-- metrics / logs --> - <dependency> - <groupId>io.micrometer</groupId> - <artifactId>micrometer-spring-legacy</artifactId> - <version>${micrometer.version}</version> - </dependency> - <dependency> + <!-- metrics --> + <!--dependency> <groupId>io.micrometer</groupId> <artifactId>micrometer-registry-prometheus</artifactId> <version>${micrometer.version}</version> </dependency> <dependency> - <groupId>com.ryantenney.metrics</groupId> - <artifactId>metrics-spring</artifactId> - <version>3.1.3</version> - </dependency> + <groupId>org.apereo.cas</groupId> + <artifactId>cas-server-support-metrics</artifactId> + <version>${cas.version}</version> + </dependency--> + + <!-- logs --> <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> 
@@ -567,73 +319,22 @@ <version>${slf4j.version}</version> </dependency> <dependency> - <groupId>org.apereo.cas</groupId> - <artifactId>cas-server-core-audit</artifactId> - <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.apereo.cas</groupId> - <artifactId>cas-server-core-validation-api</artifactId> - <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> - </dependency> - <dependency> - <groupId>org.apereo.cas</groupId> - <artifactId>cas-server-support-metrics</artifactId> - <version>${cas.version}</version> - <exclusions> - <exclusion> - <groupId>org.apache.logging.log4j</groupId> - <artifactId>log4j-slf4j-impl</artifactId> - </exclusion> - </exclusions> + <groupId>org.slf4j</groupId> + <artifactId>jul-to-slf4j</artifactId> + <version>${slf4j.version}</version> </dependency> <!-- UTIL --> - <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> - </dependency> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> </dependency> - <dependency> - <groupId>xml-apis</groupId> - <artifactId>xml-apis</artifactId> - </dependency> - <dependency> - <groupId>com.fasterxml.jackson.core</groupId> - <artifactId>jackson-databind</artifactId> - </dependency> - <dependency> - <groupId>com.fasterxml.jackson.datatype</groupId> - <artifactId>jackson-datatype-jdk8</artifactId> - <version>${jackson.version}</version> - </dependency> <dependency> <groupId>org.thymeleaf</groupId> <artifactId>thymeleaf-spring5</artifactId> <version>${thymeleaf-spring5.version}</version> </dependency> - <dependency> - <groupId>org.hibernate</groupId> - <artifactId>hibernate-validator</artifactId> - 
<version>${cas.hibernate.validator.version}</version> - </dependency> - <!-- TEST --> <dependency> <groupId>junit</groupId> @@ -643,7 +344,7 @@ <dependency> <groupId>org.mockito</groupId> <artifactId>mockito-core</artifactId> - <version>1.10.19</version> + <version>${mockito.version}</version> <scope>test</scope> </dependency> <dependency> @@ -652,12 +353,6 @@ <version>${spring.test.version}</version> <scope>test</scope> </dependency> - <dependency> - <groupId>com.fasterxml</groupId> - <artifactId>classmate</artifactId> - <version>1.3.4</version> - <scope>test</scope> - </dependency> <dependency> <groupId>org.assertj</groupId> <artifactId>assertj-core</artifactId> 
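Review bot: Nothing visible in this pom shows that CAS audit logging survives the removal of the direct `cas-server-core-audit` dependency from the logs section. The jar may still arrive through the `cas-server-webapp-tomcat` overlay, but that is an assumption the diff does not confirm. For an authentication server I would check that the audit jar is present in the built WAR's WEB-INF/lib and record the reason in the pom, for example `<!-- cas-server-core-audit is provided by the cas-server-webapp-tomcat overlay -->`. The same check applies to `cas-server-core-validation-api`, `hibernate-validator` and `jackson-datatype-jdk8`, which this hunk also drops.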
@@ -698,23 +393,57 @@ <artifactId>cas-server-webapp-tomcat</artifactId> <excludes> <exclude>WEB-INF/classes/services/*.json</exclude> - <exclude>WEB-INF/lib/mongo-java-driver-*.jar</exclude> - <exclude>WEB-INF/lib/pac4j-*.jar</exclude> - <exclude>WEB-INF/lib/jackson-*.jar</exclude> - <exclude>WEB-INF/lib/validation-api-*.jar</exclude> + <exclude>WEB-INF/lib/log4j-api-*.jar</exclude> + <exclude>WEB-INF/lib/log4j-jul-*.jar</exclude> + <exclude>WEB-INF/lib/log4j-core-*.jar</exclude> + <exclude>WEB-INF/lib/log4j-jcl-*.jar</exclude> + <exclude>WEB-INF/lib/log4j-web-*.jar</exclude> + <exclude>WEB-INF/lib/log4j-slf4j-impl-*.jar</exclude> + <exclude>WEB-INF/lib/log4j-slf4j18-impl-*.jar</exclude> + <exclude>WEB-INF/lib/spring-boot-starter-log4j2-*.jar</exclude> + <exclude>WEB-INF/lib/slf4j-api-1.8.0-beta4.jar</exclude> + <exclude>WEB-INF/lib/jcl-over-slf4j-1.8.0-beta4.jar</exclude> + <exclude>WEB-INF/lib/jul-to-slf4j-1.8.0-beta4.jar</exclude> + <exclude>WEB-INF/lib/jackson-core-2.8.10.jar</exclude> + <exclude>WEB-INF/lib/jackson-databind-2.8.10.jar</exclude> + <exclude>WEB-INF/lib/jackson-dataformat-yaml-2.8.10.jar</exclude> </excludes> </overlay> </overlays> <packagingExcludes> WEB-INF/lib/log4j-api-*.jar, + WEB-INF/lib/log4j-jul-*.jar, WEB-INF/lib/log4j-core-*.jar, WEB-INF/lib/log4j-jcl-*.jar, WEB-INF/lib/log4j-web-*.jar, - WEB-INF/lib/log4j-slf4j-impl-*.jar + WEB-INF/lib/log4j-slf4j-impl-*.jar, + WEB-INF/lib/log4j-slf4j18-impl-*.jar, + WEB-INF/lib/spring-boot-starter-log4j2-*.jar, + WEB-INF/lib/slf4j-api-1.8.0-beta4.jar, + WEB-INF/lib/jcl-over-slf4j-1.8.0-beta4.jar, + WEB-INF/lib/jul-to-slf4j-1.8.0-beta4.jar, + WEB-INF/lib/jackson-core-2.8.10.jar, + WEB-INF/lib/jackson-databind-2.8.10.jar, + WEB-INF/lib/jackson-dataformat-yaml-2.8.10.jar </packagingExcludes> </configuration> </plugin> + <plugin> + <groupId>org.springframework.boot</groupId> + <artifactId>spring-boot-maven-plugin</artifactId> + <configuration> + <mainClass>org.apereo.cas.web.CasWebApplication</mainClass> 
+ </configuration> + <executions> + <execution> + <goals> + <goal>repackage</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> <groupId>com.github.warmuuh</groupId> <artifactId>libsass-maven-plugin</artifactId> diff --git a/cas/cas-server/src/main/config/cas-server-application-dev.yml b/cas/cas-server/src/main/config/cas-server-application-dev.yml index 100a91ddf6cefb1617a9f05cca878c2a07f4dcaa..49c2b2709086ba331b5908d0084c9467be56b2c5 100644 --- a/cas/cas-server/src/main/config/cas-server-application-dev.yml +++ b/cas/cas-server/src/main/config/cas-server-application-dev.yml @@ -1,3 +1,8 @@ +spring: + main: + allow-bean-definition-overriding: true + + server: ssl: key-store: file:src/main/config/cas-server.jks @@ -33,8 +38,7 @@ cas.messageBundle.baseNames: classpath:overriden_messages,classpath:messages cas.tgc.path: /cas cas.tgc.secure: false cas.tgc.crypto.enabled: false -cas.webflow.crypto.enabled: false -cas.authn.pac4j.cookie.crypto.enabled: true +cas.webflow.crypto.enabled: true cas.authn.pm.reset.crypto.enabled: true cas.server.prefix: https://dev.vitamui.com:8080/cas @@ -103,16 +107,12 @@ cas: redirectParameter: next -endpoints.enabled: true -endpoints.sensitive: false -management.security.enabled: false -cas.monitor.endpoints.sensitive: false -cas.monitor.endpoints.enabled: true +management.endpoints.enabled-by-default: true +#cas.monitor.endpoints.sensitive: false +#cas.monitor.endpoints.enabled: true #management.metrics.export.prometheus.sensitive: false #management.metrics.export.prometheus.enabled: true -cas.adminPagesSecurity.ip: .* -management.context-path: /actuator - +cas.monitor.endpoints.endpoint.defaults.access[0]: ANONYMOUS # for SMS: cas.smsProvider.twilio.accountId: AC3942c2fee9478d0295b3051735860e3b 
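Review bot: The new overlay `<exclude>` entries and the matching `<packagingExcludes>` lines name exact artifact versions (`slf4j-api-1.8.0-beta4.jar`, `jackson-databind-2.8.10.jar`, `jackson-core-2.8.10.jar`), so they silently stop matching when a later `cas.version` ships different versions. The unwanted jars would then be packaged next to the ones this build manages, with no build error. The removed wildcard `WEB-INF/lib/jackson-*.jar` did not have that weakness. If a wildcard would strip jars that must stay, add a comment saying which copy is dropped and why, e.g. `<!-- drop the overlay's jackson 2.8.10 copies; the version managed by this build is packaged instead -->`. I would also make the build fail when WEB-INF/lib ends up with two versions of jackson-databind or slf4j-api.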
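Review bot: `cas.monitor.endpoints.endpoint.defaults.access[0]: ANONYMOUS` combined with `management.endpoints.enabled-by-default: true` lets unauthenticated callers reach every actuator endpoint that is exposed, and the removed `cas.adminPagesSecurity.ip` line is not replaced by any address restriction. The identical two lines are added in cas-server-application-recette.yml, where an acceptance environment is presumably reachable by more than one developer machine. Which endpoints are actually exposed depends on `management.endpoints.web.exposure.include` in application.properties, unless another profile overrides it. I would use `cas.monitor.endpoints.endpoint.defaults.access[0]: AUTHENTICATED` (or `IP_ADDRESS` with `requiredIpAddresses`) in recette. In the dev file, mark the choice with a comment such as `# dev only: actuator endpoints are reachable without authentication`.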
diff --git a/cas/cas-server/src/main/config/cas-server-application-recette.yml b/cas/cas-server/src/main/config/cas-server-application-recette.yml index 5c1ae30b4c3beb91a4cd79eeda24598013aa0b3f..b7148fc778c9566503e21230535d6ae5581a75cf 100644 --- a/cas/cas-server/src/main/config/cas-server-application-recette.yml +++ b/cas/cas-server/src/main/config/cas-server-application-recette.yml @@ -1,3 +1,8 @@ +spring: + main: + allow-bean-definition-overriding: true + + server: ssl: key-store: file:src/main/config/cas-server.jks @@ -34,8 +39,7 @@ cas.messageBundle.commonNames: classpath:/common_messages.properties cas.tgc.path: /cas cas.tgc.secure: false cas.tgc.crypto.enabled: false -cas.webflow.crypto.enabled: false -cas.authn.pac4j.cookie.crypto.enabled: true +cas.webflow.crypto.enabled: true cas.authn.pm.reset.crypto.enabled: true cas.server.prefix: https://dev.vitamui.com/cas @@ -104,16 +108,12 @@ cas: redirectParameter: next -endpoints.enabled: true -endpoints.sensitive: false -management.security.enabled: false -cas.monitor.endpoints.sensitive: false -cas.monitor.endpoints.enabled: true +management.endpoints.enabled-by-default: true +#cas.monitor.endpoints.sensitive: false +#cas.monitor.endpoints.enabled: true #management.metrics.export.prometheus.sensitive: false #management.metrics.export.prometheus.enabled: true -cas.adminPagesSecurity.ip: .* -management.context-path: /actuator - +cas.monitor.endpoints.endpoint.defaults.access[0]: ANONYMOUS # for SMS: cas.smsProvider.twilio.accountId: AC3942c2fee9478d0295b3051735860e3b diff --git a/cas/cas-server/src/main/java/fr/gouv/vitamui/cas/config/AppConfig.java b/cas/cas-server/src/main/java/fr/gouv/vitamui/cas/config/AppConfig.java index a01aac5423e2caa45dca2e8127e14ee3de4b135a..65e581b29dee3dd427eb2448d33e6154ff36a8e4 100644 --- a/cas/cas-server/src/main/java/fr/gouv/vitamui/cas/config/AppConfig.java +++ b/cas/cas-server/src/main/java/fr/gouv/vitamui/cas/config/AppConfig.java 
@@ -63,11 +63,6 @@ import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Import; import org.springframework.core.Ordered; -import com.fasterxml.jackson.databind.DeserializationFeature; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.datatype.jdk8.Jdk8Module; -import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; - import fr.gouv.vitamui.cas.authentication.DelegatedSurrogateAuthenticationPostProcessor; import fr.gouv.vitamui.cas.authentication.SurrogatedUserPrincipalFactory; import fr.gouv.vitamui.cas.authentication.UserAuthenticationHandler; @@ -169,15 +164,6 @@ public class AppConfig extends BaseTicketCatalogConfigurer { return new UserAuthenticationHandler(servicesManager, principalFactory); } - @Bean - public ObjectMapper objectMapper() { - final ObjectMapper mapperDontFailOnUnknowProperties = new ObjectMapper(); - mapperDontFailOnUnknowProperties.registerModule(new JavaTimeModule()); - mapperDontFailOnUnknowProperties.registerModule(new Jdk8Module()); - mapperDontFailOnUnknowProperties.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); - return mapperDontFailOnUnknowProperties; - } - @Bean public UserPrincipalResolver userResolver() { return new UserPrincipalResolver(); diff --git a/cas/cas-server/src/main/java/fr/gouv/vitamui/cas/util/Utils.java b/cas/cas-server/src/main/java/fr/gouv/vitamui/cas/util/Utils.java index efdba632b3200cb3b62ab5976d09839fb438e018..ca84f9ef4b6d4e9e0150474d041f5b28a0184dda 100644 --- a/cas/cas-server/src/main/java/fr/gouv/vitamui/cas/util/Utils.java +++ b/cas/cas-server/src/main/java/fr/gouv/vitamui/cas/util/Utils.java 
@@ -52,7 +52,7 @@ import org.apereo.cas.configuration.model.support.cookie.TicketGrantingCookiePro import org.apereo.cas.web.flow.CasWebflowConstants; import org.apereo.cas.web.support.WebUtils; import org.pac4j.core.util.CommonHelper; -import org.pac4j.core.util.Pac4jConstants; +import org.pac4j.core.context.Pac4jConstants; import org.pac4j.saml.client.SAML2Client; import org.springframework.beans.factory.annotation.Value; import org.springframework.webflow.context.ExternalContext; diff --git a/cas/cas-server/src/main/java/org/apereo/cas/CasEmbeddedContainerUtils.java b/cas/cas-server/src/main/java/org/apereo/cas/CasEmbeddedContainerUtils.java index eb89f47e5fdb0634980e7f75458722040978288d..18cc916e62b5817e790df0b735307e2daf3f554f 100644 --- a/cas/cas-server/src/main/java/org/apereo/cas/CasEmbeddedContainerUtils.java +++ b/cas/cas-server/src/main/java/org/apereo/cas/CasEmbeddedContainerUtils.java @@ -43,7 +43,14 @@ public class CasEmbeddedContainerUtils { @Override protected String getTitle() { - return "(CAS VitamUI)"; + return " _______ _____ __ ___ _ _ _ _______ \n" + + " / / ____| /\\ / ____| \\ \\ / (_) | | | | |_ _\\ \\ \n" + + " | | | / \\ | (___ \\ \\ / / _| |_ __ _ _ __ ___ | | | | | | | |\n" + + " | | | / /\\ \\ \\___ \\ \\ \\/ / | | __/ _` | '_ ` _ \\| | | | | | | |\n" + + " | | |____ / ____ \\ ____) | \\ / | | || (_| | | | | | | |__| |_| |_ | |\n" + + " | |\\_____/_/ \\_\\_____/ \\/ |_|\\__\\__,_|_| |_| |_|\\____/|_____|| |\n" + + " \\_\\ /_/ \n" + + " \n"; } } } diff --git a/cas/cas-server/src/main/resources/META-INF/spring.factories b/cas/cas-server/src/main/resources/META-INF/spring.factories index 41af2268de19707012a74c1f23412f6a1cd8c0ef..9edafad40193f5f9e64244908d06b81c5b986b79 100644 --- a/cas/cas-server/src/main/resources/META-INF/spring.factories +++ b/cas/cas-server/src/main/resources/META-INF/spring.factories 
@@ -2,6 +2,4 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ fr.gouv.vitamui.cas.config.AppConfig,\ fr.gouv.vitamui.cas.config.WebConfig,\ fr.gouv.vitamui.cas.config.WebflowConfig,\ -fr.gouv.vitamui.cas.config.PmConfig,\ -fr.gouv.vitamui.cas.mfa.config.SmsMfaConfiguration,\ -fr.gouv.vitamui.cas.mfa.config.SmsMfaAuthenticationEventExecutionPlanConfiguration +fr.gouv.vitamui.cas.config.PmConfig diff --git a/cas/cas-server/src/main/resources/application.properties b/cas/cas-server/src/main/resources/application.properties index 0a0b2e209be66609e714878ba80501cb075e6c9b..f4ac54d8b4837e077404ea4189b0b2e281c4da47 100644 --- a/cas/cas-server/src/main/resources/application.properties +++ b/cas/cas-server/src/main/resources/application.properties @@ -1,24 +1,29 @@ ## -# CAS Server Context Configuration +# CAS Web Application Embedded Server SSL Configuration # -server.context-path=/cas -server.port=8443 - server.ssl.key-store=file:/etc/cas/thekeystore server.ssl.key-store-password=changeit server.ssl.key-password=changeit - +server.ssl.enabled=true +## +# CAS Web Application Embedded Server Configuration +# +server.port=8443 +server.servlet.context-path=/cas server.max-http-header-size=2097152 -server.use-forward-headers=true -server.connection-timeout=20000 -# customisation JLE: +server.forward-headers-strategy=NONE +server.connection-timeout=PT20S +# CUSTO: ALWAYS -> NEVER server.error.include-stacktrace=NEVER server.compression.enabled=true server.compression.mime-types=application/javascript,application/json,application/xml,text/html,text/xml,text/plain +## +# CAS Web Application Embedded Tomcat Configuration +# server.tomcat.max-http-post-size=2097152 -server.tomcat.basedir=/tmp/ +server.tomcat.basedir=build/tomcat server.tomcat.accesslog.enabled=true server.tomcat.accesslog.pattern=%t %a "%r" %s (%D ms) server.tomcat.accesslog.suffix=.log 
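Review bot: With `SmsMfaConfiguration` and `SmsMfaAuthenticationEventExecutionPlanConfiguration` removed from `EnableAutoConfiguration`, nothing in this file registers the SMS second factor any more, and the part of the diff visible here does not show where it is registered instead. The pom still declares `cas-server-core-authentication-mfa` and `cas-server-support-sms-twilio`, so MFA appears to be still intended. If the two classes were replaced by stock CAS configuration, the commit message should say so. Either way, verify that a login for an MFA-enabled user still asks for the SMS code before this is merged, because a missing auto-configuration would presumably fail open rather than with an error.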
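Review bot: `server.forward-headers-strategy=NONE` contradicts `server.tomcat.remote-ip-header=X-FORWARDED-FOR` and `server.tomcat.protocol-header=X-Forwarded-Proto`, which remain set further down the file (visible as context of the next hunk), so it is unclear whether forwarded headers are meant to be honoured. The previous `server.use-forward-headers=true` honoured them. The resolved client address feeds throttling and audit records, so the intent should be explicit. Behind a reverse proxy, use `server.forward-headers-strategy=NATIVE` and limit `server.tomcat.internal-proxies` to the proxy addresses; without a proxy, drop the two Tomcat header properties. A one-line comment above the setting stating which deployment is assumed would settle it.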
@@ -29,25 +34,38 @@ server.tomcat.protocol-header=X-Forwarded-Proto server.tomcat.protocol-header-https-value=https server.tomcat.remote-ip-header=X-FORWARDED-FOR server.tomcat.uri-encoding=UTF-8 +server.tomcat.additional-tld-skip-patterns=*.jar +## +# CAS Web Application JMX/Spring Configuration +# +spring.jmx.enabled=false + +## +# CAS Web Application Http Encoding Configuration +# spring.http.encoding.charset=UTF-8 spring.http.encoding.enabled=true spring.http.encoding.force=true +## +# Allow configuration classes to override bean definitions from Spring Boot +# +spring.main.allow-bean-definition-overriding=true +spring.main.lazy-initialization=false + ## # CAS Cloud Bus Configuration # spring.cloud.bus.enabled=false -# Indicates that systemPropertiesOverride can be used. -# Set to false to prevent users from changing the default accidentally. Default true. +# Indicates that systemPropertiesOverride can be used. Set to false to prevent users from changing the default accidentally. Default true. spring.cloud.config.allow-override=true # External properties should override system properties. spring.cloud.config.override-system-properties=false -# When allowOverride is true, external properties should take lowest priority, and not override any -# existing property sources (including local config files). +# When allowOverride is true, external properties should take lowest priority, and not override any existing property sources (including local config files). spring.cloud.config.override-none=false # spring.cloud.bus.refresh.enabled=true 
@@ -55,38 +73,49 @@ spring.cloud.config.override-none=false # spring.cloud.bus.destination=CasCloudBus # spring.cloud.bus.ack.enabled=true -endpoints.enabled=false -endpoints.sensitive=true +## +# CAS Web Application Endpoints Security +# +management.endpoints.enabled-by-default=false + +management.endpoint.shutdown.enabled=false +management.endpoint.restart.enabled=false + +management.endpoints.web.base-path=/actuator -endpoints.restart.enabled=false -endpoints.shutdown.enabled=false +management.endpoints.web.exposure.include=info,health,status,configurationMetadata +management.endpoints.jmx.exposure.exclude=* -# Control the security of the management/actuator endpoints -# The 'enabled' flag below here controls the rendering of details for the health endpoint amongst other things. -management.security.enabled=true -management.security.roles=ACTUATOR,ADMIN -management.security.sessions=if_required -management.context-path=/status -management.add-application-context-header=false +# management.endpoints.web.exposure.include=* +# management.endpoints.web.path-mapping.health=status +# management.endpoint.health.show-details=when_authorized + +management.server.add-application-context-header=false + +# Endpoint Security Basic Authentication +spring.security.user.name=casuser +# spring.security.user.password= +# spring.security.user.roles= # Define a CAS-specific "WARN" status code and its order -management.health.status.order=WARN, DOWN, OUT_OF_SERVICE, UNKNOWN, UP +management.health.status.order=WARN,DOWN,OUT_OF_SERVICE,UNKNOWN,UP -# Control the security of the management/actuator endpoints -# With basic authentication, assuming Spring Security and/or relevant modules are on the classpath. 
-security.basic.authorize-mode=role -security.basic.path=/cas/status/** -# security.basic.enabled=true -# security.user.name=casuser -# security.user.password= +# Define health indicator behavior (requires cas-server-core-monitor) +management.health.memoryHealthIndicator.enabled=true +# Define a default that doesn't require module /cas/actuator/health/ping serves as status +management.health.ping.enabled=true + +# turn off health indicators by default +management.health.defaults.enabled=false +spring.cloud.discovery.client.composite-indicator.enabled=false ## # CAS Web Application Session Configuration # # 4 (hours) * 60 (minutes) * 60 (seconds) -server.session.timeout=14400 -server.session.cookie.http-only=true -server.session.tracking-modes=COOKIE +server.servlet.session.timeout=PT14400S +server.servlet.session.cookie.http-only=true +server.servlet.session.tracking-modes=COOKIE cas.ticket.tgt.timeout.maxTimeToLiveInSeconds=14400 ## 
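Review bot: The removed `management.security.roles=ACTUATOR,ADMIN` and `security.basic.path=/cas/status/**` restricted who could reach the management endpoints, and nothing on the new side of this hunk replaces that restriction. It exposes `info,health,status,configurationMetadata` over the web and sets `spring.security.user.name=casuser` with the password line left commented out. Whatever now guards `/actuator` is not visible here, so confirm it exists and reference it in a comment next to `management.endpoints.web.exposure.include`. Also, `management.endpoints.enabled-by-default=false` is not followed by any per-endpoint enable line, so the comment about `/cas/actuator/health/ping` serving as status only holds if the health endpoint is enabled elsewhere. Adding `management.endpoint.health.enabled=true` here would make that explicit.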
@@ -96,11 +125,37 @@ spring.thymeleaf.encoding=UTF-8 spring.thymeleaf.cache=true spring.thymeleaf.mode=HTML spring.thymeleaf.template-resolver-order=100 + ## # CAS Log4j Configuration # # logging.config=file:/etc/cas/log4j2.xml -server.context-parameters.isLog4jAutoInitializationDisabled=true +server.servlet.context-parameters.isLog4jAutoInitializationDisabled=true + +## +# CAS Metrics Configuration +# +management.metrics.web.server.auto-time-requests=true + +management.metrics.export.atlas.enabled=false +management.metrics.export.datadog.enabled=false +management.metrics.export.ganglia.enabled=false +management.metrics.export.graphite.enabled=false +management.metrics.export.influx.enabled=false +management.metrics.export.jmx.enabled=false +management.metrics.export.newrelic.enabled=false +management.metrics.export.prometheus.enabled=false +management.metrics.export.signalfx.enabled=false +management.metrics.export.statsd.enabled=false +management.metrics.export.wavefront.enabled=false +management.metrics.export.simple.enabled=true + +management.metrics.enable.logback=true +management.metrics.enable.process.files=true +management.metrics.enable.system.cpu=true +management.metrics.enable.process.cpu=true +management.metrics.enable.process.uptime=true +management.metrics.enable.process.start.time=true ## # CAS AspectJ Configuration @@ -109,9 +164,9 @@ spring.aop.auto=true spring.aop.proxy-target-class=true ## -# CAS Authentication Credentials +# CAS View Settings # -cas.authn.accept.users=casuser::Mellon +cas.view.cas2.v3ForwardCompatible=true ## 
@@ -130,10 +185,7 @@ theme.body.style=--vitamui-primary:${theme.primary};--vitamui-secondary:${theme. ## -# Cas CORS +# CAS Authentication Credentials # -cas.httpWebRequest.cors.enabled=true -cas.httpWebRequest.cors.allowCredentials=false -cas.httpWebRequest.cors.allowOrigins[0]=* -cas.httpWebRequest.cors.allowMethods[0]=* -cas.httpWebRequest.cors.allowHeaders[0]=* +cas.authn.accept.users=casuser::Mellon +cas.authn.accept.name=Static Credentials diff --git a/cas/cas-server/src/main/resources/bootstrap.properties b/cas/cas-server/src/main/resources/bootstrap.properties index b8b2170cb24865769303b358a93142f899a649a1..40c0c886b981f75f38f21ad84849d8c981a09ee8 100644 --- a/cas/cas-server/src/main/resources/bootstrap.properties +++ b/cas/cas-server/src/main/resources/bootstrap.properties @@ -16,8 +16,8 @@ spring.cloud.config.profile=native spring.cloud.config.enabled=false spring.cloud.config.watch.enabled=true -spring.cloud.config.watch.initialDelay=30000 -spring.cloud.config.watch.delay=1000 +spring.cloud.config.watch.initialDelay=PT30S +spring.cloud.config.watch.delay=PT10S spring.cloud.config.fail-fast=true health.config.enabled=true @@ -26,4 +26,4 @@ health.config.enabled=true # If you wish to change the configuration directory, it's best to not # overlay this file, but specify the directory location via command-line # parameters or system properties via -D. -# cas.standalone.config=/etc/cas/config +# cas.standalone.configurationDirectory=/etc/cas/config diff --git a/pom.xml b/pom.xml index 00cdc9739a1ec47cd151b34bed337e27577eb74c..52a8f6c96d2a9bcd30133cd2ef1a6d90f9b5c1da 100644 --- a/pom.xml +++ b/pom.xml 
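Review bot: `cas.authn.accept.users=casuser::Mellon` keeps the CAS sample account active in the packaged defaults, and the added `cas.authn.accept.name=Static Credentials` only labels that handler. Any deployment that does not override the property accepts this publicly documented username/password pair alongside its real authentication sources. Ship the default blank, `cas.authn.accept.users=`, which disables static authentication, and let a development-only configuration set a value where one is needed.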
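Review bot: In bootstrap.properties, `spring.cloud.config.watch.delay` goes from `1000` to `PT10S`, which changes the value as well as the format. Assuming the old number was milliseconds, as the `30000` to `PT30S` conversion on the line above suggests, the equivalent would be `spring.cloud.config.watch.delay=PT1S`. If the slower polling interval is intended, it deserves a mention in the commit description so it is not mistaken for a conversion slip.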
@@ -106,7 +106,7 @@
 <lombok.version>1.18.8</lombok.version>
 <micrometer.version>1.1.5</micrometer.version>
 <nio.multipart.parser.version>1.1.0</nio.multipart.parser.version>
- <pac4j.version>4.0.0-RC3</pac4j.version>
+ <pac4j.version>4.0.0-RC2</pac4j.version>
 <poi.version>3.17</poi.version>
 <powermock.version>2.0.2</powermock.version>
 <!-- Temporary fix for Multipart upload issues cf