Skip to content
Snippets Groups Projects

Liam java 11

This is a rebased / reworked version of !177 (closed). Credit to @cedricwilleken for doing the initial migrations The biggest difference between the two branches is:

  1. The schema is stable in this version compared to master. Due to the fixes regarding Id generation. The problem originated because Hibernate reinterpets GenerationType.Auto in newer versions. This pr fixes it to Identity generation as it used to be.
  2. Hibernate ddl is set to validate
  3. A few security classes added in !177 (closed) are now gone namely Encoder and the infamous SavedRequestAwareAuthenticationSuccessHandler
  4. Formatting has been applied in the original commits that introduced the code changes.

Things to review:

  1. SecurityWebApplicationInitializer registers the web security config regardless of profile? is that correct?i
  2. Why is the heroku properties file required?

Things left todo:

  1. Update the contributing guide to mention java 11+ and the command to insert the yaml template.
  2. The redirect to the login page is broken in the dev security setup. (Probably has to do with QueueAuthenticationEntryPoint)
  3. Security in dev setup seems to remember users for to long (even across incognitos?)
  4. The yaml template currently enables: allow-bean-definition-overriding: true which seems slightly hacky.
Edited by Liam Clark

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Liam Clark added 13 commits

    added 13 commits

    • 472d7ece - Refactor queue for java 11
    • d6764765 - Fix the tests so they work with java 11
    • 9a599677 - Also change pom to reflect the gradle file
    • d5b92f64 - Use java 11 compatible image to test code
    • 8c738b45 - Migrate ci build and test stages to use java 11+
    • 54d3573a - Re-enable redis sessions and make encoder and savedrequestawareauthentication...
    • 00b073ed - Add the dependency for redis session data
    • d59a3529 - Move thymeleaf and hibernate versions to a variable
    • 50209bc4 - Thymeleaf versions dont match apperently to remove them
    • 335238b9 - Apply the suggested edits by intellij
    • c71450c7 - Pick id generation strategy Identity
    • 14bd20e3 - Fix all warnings due to deprecated methods/classes
    • 0eb63212 - Remove Encoder and SavedRequestAwareAuthenticationSuccessHandler

    Compare with previous version

  • Liam Clark changed the description

    changed the description

  • Liam Clark assigned to @cedricwilleken, @otto, @taicoaerts, and @sander

    assigned to @cedricwilleken, @otto, @taicoaerts, and @sander

    • Author Contributor
      Resolved by Liam Clark

      @cedricwilleken The redirect and logout works in development properly again if I remove this line

      		http
      //				.exceptionHandling().authenticationEntryPoint(new QueueAuthenticationEntryPoint()).and()
      				.authorizeRequests()
      				.antMatchers("/").permitAll()

      Any input on why you added this or why we would want it?

  • Chris Lemaire marked the checklist item SecurityWebApplicationInitializer registers the web security config regardless of profile? is that correct?i as completed

    marked the checklist item SecurityWebApplicationInitializer registers the web security config regardless of profile? is that correct?i as completed

  • Chris Lemaire marked the checklist item SecurityWebApplicationInitializer registers the web security config regardless of profile? is that correct?i as incomplete

    marked the checklist item SecurityWebApplicationInitializer registers the web security config regardless of profile? is that correct?i as incomplete

  • Liam Clark added 1 commit

    added 1 commit

    Compare with previous version

  • Liam Clark marked the checklist item SecurityWebApplicationInitializer registers the web security config regardless of profile? is that correct?i as completed

    marked the checklist item SecurityWebApplicationInitializer registers the web security config regardless of profile? is that correct?i as completed

  • Liam Clark marked the checklist item The redirect to the login page is broken in the dev security setup. (Probably has to do with QueueAuthenticationEntryPoint) as completed

    marked the checklist item The redirect to the login page is broken in the dev security setup. (Probably has to do with QueueAuthenticationEntryPoint) as completed

  • Liam Clark marked the checklist item Security in dev setup seems to remember users for to long (even across incognitos?) as completed

    marked the checklist item Security in dev setup seems to remember users for to long (even across incognitos?) as completed

  • Liam Clark marked the checklist item The yaml template currently enables: allow-bean-definition-overriding: true as completed

    marked the checklist item The yaml template currently enables: allow-bean-definition-overriding: true as completed

  • Author Contributor

    In ac040524 the bean overriding is no longer required and more extra security classes can be removed. Furthermore the login redirect on dev is working again

  • Chris Lemaire
  • Chris Lemaire
  • Chris Lemaire
  • Chris Lemaire
  • Liam Clark added 1 commit

    added 1 commit

    Compare with previous version

  • Otto Visser marked the checklist item Why is the heroku properties file required? as completed

    marked the checklist item Why is the heroku properties file required? as completed

  • Liam Clark resolved all threads

    resolved all threads

  • Otto Visser
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Please register or sign in to reply
    Loading