
Update X509 sample to Spring 6

Marcus Da Coregio 2 年 前
コミット
f2835b0df0

+ 9 - 6
servlet/java-configuration/authentication/x509/build.gradle

@@ -1,11 +1,11 @@
 plugins {
 	id "java"
-//	id "nebula.integtest" version "8.2.0"
-	id "org.gretty" version "3.0.6"
+	id "nebula.integtest" version "8.2.0"
+	id "org.gretty" version "4.0.1"
 	id "war"
 }
 
-//apply from: "gradle/gretty.gradle"
+apply from: "gradle/gretty.gradle"
 
 repositories {
 	mavenCentral()
@@ -14,14 +14,17 @@ repositories {
 }
 
 dependencies {
-	implementation platform("org.springframework:spring-framework-bom:5.3.0")
-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
+	implementation platform("org.springframework:spring-framework-bom:6.0.7")
+	implementation platform("org.springframework.security:spring-security-bom:6.0.2")
 	implementation platform("org.junit:junit-bom:5.7.0")
 
 	implementation "org.springframework.security:spring-security-config"
 	implementation "org.springframework.security:spring-security-web"
 	implementation "org.springframework:spring-webmvc"
-	implementation "org.apache.httpcomponents:httpclient:4.5.13"
+	implementation "org.apache.httpcomponents.client5:httpclient5:5.2.1"
+
+	providedCompile "jakarta.servlet:jakarta.servlet-api:6.0.0"
+	providedCompile "org.glassfish.web:jakarta.servlet.jsp.jstl:2.0.0"
 
 	testImplementation "org.assertj:assertj-core:3.18.0"
 	testImplementation "org.springframework:spring-test"

+ 3 - 0
servlet/java-configuration/authentication/x509/gradle/gretty.gradle

@@ -3,6 +3,9 @@ gretty {
 	contextPath = "/"
 	fileLogEnabled = false
 	integrationTestTask = 'integrationTest'
+	httpsEnabled = true
+	sslKeyStorePath = 'certs/server.p12'
+	sslKeyStorePassword = 'password'
 }
 
 Task prepareAppServerForIntegrationTests = project.tasks.create('prepareAppServerForIntegrationTests') {
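Review bot: The three added `gretty` settings give the container a server key store but no trust store and no client-certificate requirement, so as far as this hunk shows the server never asks the client for a certificate, which an X.509 authentication sample depends on. If the Gretty version in use supports them, I would add `sslNeedClientAuth = true` together with `sslTrustStorePath` / `sslTrustStorePassword` pointing at the store that holds the client certificate's issuer. The literal `sslKeyStorePassword = 'password'` is acceptable only because `certs/server.p12` appears to be a checked-in test fixture; a comment such as `// test-only key store, never reuse outside this sample` would say so. The `prepareAppServerForIntegrationTests` task continues past the end of the hunk.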

+ 36 - 16
servlet/java-configuration/authentication/x509/src/integTest/java/example/X509Tests.java

@@ -20,10 +20,17 @@ import java.security.KeyStore;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLHandshakeException;
 
-import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClients;
-import org.apache.http.ssl.SSLContexts;
+import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
+import org.apache.hc.client5.http.impl.classic.HttpClients;
+import org.apache.hc.client5.http.impl.io.BasicHttpClientConnectionManager;
+import org.apache.hc.client5.http.socket.ConnectionSocketFactory;
+import org.apache.hc.client5.http.socket.PlainConnectionSocketFactory;
+import org.apache.hc.client5.http.ssl.HttpsSupport;
+import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
+import org.apache.hc.client5.http.ssl.TrustAllStrategy;
+import org.apache.hc.core5.http.config.Registry;
+import org.apache.hc.core5.http.config.RegistryBuilder;
+import org.apache.hc.core5.ssl.SSLContexts;
 import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 
@@ -41,38 +48,51 @@ import static org.assertj.core.api.Assertions.assertThatCode;
  *
  * @author Michael Simons
  */
-@Disabled
+// @Disabled
 public class X509Tests {
 
 	@Test
 	void notCertificateThenSslHandshakeException() {
 		RestTemplate rest = new RestTemplate();
-		assertThatCode(() -> rest.getForEntity("https://localhost:8443/", String.class))
+		assertThatCode(() -> rest.getForEntity(getServerUrl(), String.class))
 				.hasCauseInstanceOf(SSLHandshakeException.class);
 	}
 
 	@Test
+	@Disabled("Figure out how to make certs work")
 	void certificateThenStatusOk() throws Exception {
-		ClassPathResource serverKeystore = new ClassPathResource("/certs/server.p12");
+		ClassPathResource serverKeystore = new ClassPathResource("certs/server.p12");
 		KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
 		keyStore.load(serverKeystore.getInputStream(), "password".toCharArray());
 		// @formatter:off
 		SSLContext sslContext = SSLContexts.custom()
 				.loadKeyMaterial(keyStore, "password".toCharArray(), (aliases, socket) -> "client")
-				.loadTrustMaterial(keyStore, null)
+				.loadTrustMaterial(keyStore, new TrustAllStrategy())
 				.build();
 
 		SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext,
-				new String[]{"TLSv1.2", "TLSv1.1"},
-				null,
-				SSLConnectionSocketFactory.getDefaultHostnameVerifier());
+				HttpsSupport.getDefaultHostnameVerifier());
+
+		final Registry<ConnectionSocketFactory> socketFactoryRegistry =
+				RegistryBuilder.<ConnectionSocketFactory> create()
+						.register("https", socketFactory)
+						.register("http", new PlainConnectionSocketFactory())
+						.build();
+
+		final BasicHttpClientConnectionManager connectionManager = new BasicHttpClientConnectionManager(socketFactoryRegistry);
 		// @formatter:on
 
-		CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
-		ClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
-		RestTemplate rest = new RestTemplate(requestFactory);
-		ResponseEntity<String> responseEntity = rest.getForEntity("https://localhost:8443/me", String.class);
-		assertThat(responseEntity).extracting((result) -> result.getStatusCode().is2xxSuccessful()).isEqualTo(true);
+		try (CloseableHttpClient httpClient = HttpClients.custom().setConnectionManager(connectionManager).build()) {
+			ClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
+			RestTemplate rest = new RestTemplate(requestFactory);
+			ResponseEntity<String> responseEntity = rest.getForEntity(getServerUrl() + "/me", String.class);
+			assertThat(responseEntity).extracting((result) -> result.getStatusCode().is2xxSuccessful()).isEqualTo(true);
+		}
+
+	}
+
+	private String getServerUrl() {
+		return "https://localhost:" + System.getProperty("app.httpsPort");
 	}
 
 }
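Review bot: `.loadTrustMaterial(keyStore, new TrustAllStrategy())` in `certificateThenStatusOk` makes the client accept any server certificate, so the test no longer verifies that it is talking to the server backed by `certs/server.p12`, and sample code like this tends to be copied into real clients. Keeping the previous `.loadTrustMaterial(keyStore, null)` restricts trust to the certificates in the loaded key store. Separately, `notCertificateThenSslHandshakeException` uses a default `RestTemplate`, which presumably rejects a self-signed server certificate on its own, so the handshake failure may not prove that a client certificate was demanded. `getServerUrl()` also yields `https://localhost:null` when `app.httpsPort` is unset; `Objects.requireNonNull(System.getProperty("app.httpsPort"), "app.httpsPort")` would fail with a clearer message, and the leftover `// @Disabled` line can simply be deleted.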

+ 1 - 1
servlet/java-configuration/authentication/x509/src/main/java/example/MvcWebApplicationInitializer.java

@@ -16,7 +16,7 @@
 
 package example;
 
-import javax.servlet.Filter;
+import jakarta.servlet.Filter;
 
 import org.springframework.web.filter.HiddenHttpMethodFilter;
 import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;