J'ai ajouté un intercepteur à mon projet JAX-RS / Resteasy Java SDK13 fonctionnant sur Wildfly 18 afin d'utiliser des annotations (par exemple @RolesAllowed). Bien que l'implémentation de la sécurité soit bien meilleure que l'approche programmatique, je reçois une erreur d'invocation lorsque Resteasy essaie d'appeler la fonction correspondante (deleteAll ()). J'ai tracé le flux Interceptor juste avant la tentative d'appel et l'Interceptor approuve l'utilisateur et passe le contrôle. Ensuite, j'obtiens cette erreur, qui semble être une défaillance de sécurité, bien que mon intercepteur ait approuvé l'utilisateur.

J'ai changé le réglage Wildfly <default-missing-method-permissions-deny-access value="false"/> mais cela n'a pas changé le comportement.

Java Source étant appelé avec /consumers/deleteall sans rien dans le corps et sans chaîne de requête.

Intercepteur de sécurité


@Provider
@ServerInterceptor
public class SecurityInterceptor implements ContainerRequestFilter
{
   private static final String AUTHORIZATION_PROPERTY = "Authorization";
   private static final String AUTHENTICATION_SCHEME = "xxx";
   private static final ServerResponse ACCESS_DENIED = new ServerResponse("Access denied for this resource", 401, new Headers<Object>());;
   private static final ServerResponse ACCESS_FORBIDDEN = new ServerResponse("Nobody can access this resource", 403, new Headers<Object>());;
   private static final ServerResponse SERVER_ERROR = new ServerResponse("INTERNAL SERVER ERROR", 500, new Headers<Object>());;

   @Inject
   private GenericUserDAO guDAO;

   @Override
   public void filter(ContainerRequestContext requestContext)
   {
       ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) requestContext.getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
       Method method = methodInvoker.getMethod();

       if (method != null)
           System.out.println("Access attempt to "+method.getName());

       //Access allowed for all 
       if( ! method.isAnnotationPresent(PermitAll.class))
       {
           //Access denied for all 
           if(method.isAnnotationPresent(DenyAll.class))
           {
               requestContext.abortWith(ACCESS_FORBIDDEN);
               return;
           }

           //Get request headers
           final MultivaluedMap<String, String> headers = requestContext.getHeaders();

           //Fetch authorization header
           final List<String> authorization = headers.get(AUTHORIZATION_PROPERTY);

           //If no authorization information present; block access
           if(authorization == null || authorization.isEmpty())
           {
               requestContext.abortWith(ACCESS_DENIED);
               return;
           }

           //Get encoded username and password
           final String token = authorization.get(0).replaceFirst(AUTHENTICATION_SCHEME + " ", "");

           //Verify user access
           if(method.isAnnotationPresent(RolesAllowed.class))
           {
               RolesAllowed rolesAnnotation = method.getAnnotation(RolesAllowed.class);
               Set<String> rolesSet = new HashSet<String>(Arrays.asList(rolesAnnotation.value()));

               //Is user valid?
               if( ! isUserAllowed(token, rolesSet))
               {
                   requestContext.abortWith(ACCESS_DENIED);
                   return;
               }
           }
       }
       System.out.println("approved");
   }


   private boolean isUserAllowed(final String token, final Set<String> rolesSet) 
   {
       User user = guDAO.findUserByToken(token);
       if (user.getClass() == SuperUser.class)
           return true;

       String userRole = user.getClass().getSimpleName();
       System.out.println("User role is "+userRole+"    Role set is "+rolesSet.toString());
       return rolesSet.contains(userRole);
   }

}

Gestionnaires JAX_RS


@LocalBean
@Stateless
@Path("/consumers")
@RolesAllowed({"SuperUser","Consumer"})
public class ConsumerEndpoint extends UserEndpoint {

    /**
     * Delete all consumers
     * @param token
     * @return
     */
    @DELETE
    @Path("/deleteall")
    @RolesAllowed({"SuperUser","Consumer"})
    public Response deleteAll() {
        Response.ResponseBuilder builder = null;

        if (!consumerDAO.deleteAll()) {
            Map<String, String> responseObj = new HashMap<String, String>();
            responseObj.put("error", "Error executing deletion");
            builder = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(responseObj);
            return builder.build();
        }

        return Response.ok().build();
    }
}

DONNÉES DE JOURNAL

23:29:23,661 ERROR [org.jboss.as.ejb3.invocation] (default task-1) WFLYEJB0034: EJB Invocation failed on component ConsumerEndpoint for method public javax.ws.rs.core.Response com.eventhorizon.eva.rest.responder.ConsumerEndpoint.deleteAll(): javax.ejb.EJBAccessException: WFLYEJB0364: Invocation on method: public javax.ws.rs.core.Response com.eventhorizon.eva.rest.responder.ConsumerEndpoint.deleteAll() of bean: ConsumerEndpoint is not allowed
    at org.jboss.as.ejb3@18.0.0.Final//org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:134)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)


23:29:23,665 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /eva/rest/consumers/deleteall: org.jboss.resteasy.spi.UnhandledException: javax.ejb.EJBAccessException: WFLYEJB0364: Invocation on method: public javax.ws.rs.core.Response com.eventhorizon.eva.rest.responder.ConsumerEndpoint.deleteAll() of bean: ConsumerEndpoint is not allowed
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:82)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:346)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:193)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:456)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:229)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:135)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:356)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:138)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:215)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:227)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
    at javax.servlet.api@2.0.0.Final//javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
    at io.opentracing.contrib.opentracing-jaxrs2//io.opentracing.contrib.jaxrs2.server.SpanFinishingFilter.doFilter(SpanFinishingFilter.java:52)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
    at org.wildfly.extension.undertow@18.0.0.Final//org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
    at io.undertow.core@2.0.26.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
    at io.undertow.core@2.0.26.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.core@2.0.26.Final//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
    at io.undertow.core@2.0.26.Final//io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
    at io.undertow.core@2.0.26.Final//io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
    at io.undertow.core@2.0.26.Final//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
    at io.undertow.core@2.0.26.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at org.wildfly.extension.undertow@18.0.0.Final//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
    at io.undertow.core@2.0.26.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at org.wildfly.extension.undertow@18.0.0.Final//org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
    at io.undertow.core@2.0.26.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.core@2.0.26.Final//io.undertow.server.handlers.MetricsHandler.handleRequest(MetricsHandler.java:64)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.core.MetricsChainHandler.handleRequest(MetricsChainHandler.java:59)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
    at org.wildfly.extension.undertow@18.0.0.Final//org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
    at org.wildfly.extension.undertow@18.0.0.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504)
    at org.wildfly.extension.undertow@18.0.0.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504)
    at org.wildfly.extension.undertow@18.0.0.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504)
    at org.wildfly.extension.undertow@18.0.0.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504)
    at org.wildfly.extension.undertow@18.0.0.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1504)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
    at io.undertow.servlet@2.0.26.Final//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
    at io.undertow.core@2.0.26.Final//io.undertow.server.Connectors.executeRootHandler(Connectors.java:376)
    at io.undertow.core@2.0.26.Final//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
    at org.jboss.threads@2.3.3.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
    at org.jboss.threads@2.3.3.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
    at org.jboss.threads@2.3.3.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
    at org.jboss.threads@2.3.3.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
    at java.base/java.lang.Thread.run(Thread.java:830)
Caused by: javax.ejb.EJBAccessException: WFLYEJB0364: Invocation on method: public javax.ws.rs.core.Response com.eventhorizon.eva.rest.responder.ConsumerEndpoint.deleteAll() of bean: ConsumerEndpoint is not allowed
    at org.jboss.as.ejb3@18.0.0.Final//org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:134)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.as.ejb3@18.0.0.Final//org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:100)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.as.ejb3@18.0.0.Final//org.jboss.as.ejb3.deployment.processors.StartupAwaitInterceptor.processInvocation(StartupAwaitInterceptor.java:22)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.as.ejb3@18.0.0.Final//org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.as.ejb3@18.0.0.Final//org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:67)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.as.ee@18.0.0.Final//org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:60)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:438)
    at org.wildfly.security.elytron-private@1.10.3.Final//org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:627)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:57)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
    at org.jboss.invocation@1.5.2.Final//org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:53)
    at org.jboss.as.ee@18.0.0.Final//org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:198)
    at org.jboss.as.ee@18.0.0.Final//org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:185)
    at org.jboss.as.ee@18.0.0.Final//org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:81)
    at deployment.eva.war//com.eventhorizon.eva.rest.responder.ConsumerEndpoint$$$view8.deleteAll(Unknown Source)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:567)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:138)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:517)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:406)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:370)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:356)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:372)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:344)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:317)
    at org.jboss.resteasy.resteasy-jaxrs@3.9.0.Final//org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:440)
    ... 59 more

23:29:23,670 INFO  [io.undertow.request.dump] (default task-1) 
----------------------------REQUEST---------------------------
               URI=/eva/rest/consumers/deleteall
 characterEncoding=null
     contentLength=0
       contentType=[application/json]
            header=Accept=application/json
            header=Connection=keep-alive
            header=Authorization=ApiKey-v1 AC0gP9D-2jrCRDXfzyTayDb5LuUTTX9_Z2NwMDcwM0BnbWFpbC5jb20=
            header=Content-Type=application/json
            header=Content-Length=0
            header=User-Agent=Java/13.0.1
            header=Host=localhost:8080
            locale=[]
            method=DELETE
          protocol=HTTP/1.1
       queryString=
        remoteAddr=/127.0.0.1:53053
        remoteHost=localhost
            scheme=http
              host=localhost:8080
        serverPort=8080
          isSecure=false
--------------------------RESPONSE--------------------------
     contentLength=-1
       contentType=text/html;charset=UTF-8
            header=Connection=keep-alive
            header=Transfer-Encoding=chunked
            header=Content-Type=text/html;charset=UTF-8
            header=Date=Tue, 14 Jan 2020 06:29:23 GMT
            status=500

==============================================================

POM.XML

<project xmlns="http://maven.apache.org/POM/4.0.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">

    <modelVersion>4.0.0</modelVersion>
    <groupId>com.eventhorizon</groupId>
    <artifactId>eva</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <packaging>war</packaging>
    <name>Eva REST Interface</name>
    <properties>
        <!-- Explicitly declaring the source encoding eliminates the following 
            message: -->
        <!-- [WARNING] Using platform encoding (UTF-8 actually) to copy filtered 
            resources, i.e. build is platform dependent! -->
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

        <!-- You can reference property in pom.xml or filtered resources (must 
            enable third-party plugin if using Maven < 2.1) -->

        <!-- JBoss dependency versions -->

        <version.jboss.maven.plugin>7.9.Final</version.jboss.maven.plugin>

        <!-- Define the version of the JBoss BOMs we want to import to specify 
            tested stacks. -->
        <version.jboss.bom>1.0.7.Final</version.jboss.bom>

        <!-- Other dependency versions -->
        <version.org.eclipse.m2e>1.0.0</version.org.eclipse.m2e>
        <version.ro.isdc.wro4j>1.4.4</version.ro.isdc.wro4j>

        <!-- other plugin versions -->
        <version.surefire.plugin>2.10</version.surefire.plugin>
        <version.war.plugin>2.2</version.war.plugin>

        <!-- maven-compiler-plugin -->
        <maven.compiler.target>12</maven.compiler.target>
        <maven.compiler.source>12</maven.compiler.source>
    </properties>

    <dependencyManagement>
        <dependencies>
            <!-- https://mvnrepository.com/artifact/org.wildfly.bom/wildfly-jakartaee8-with-tools-builder -->
            <dependency>
                <groupId>org.wildfly.bom</groupId>
                <artifactId>wildfly-jakartaee8-with-tools-builder</artifactId>
                <version>18.0.1.Final</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
            <!-- https://mvnrepository.com/artifact/org.jboss.spec.javax.management.j2ee/jboss-j2eemgmt-api_1.1_spec-parent -->
            <dependency>
                <groupId>org.jboss.spec.javax.management.j2ee</groupId>
                <artifactId>jboss-j2eemgmt-api_1.1_spec-parent</artifactId>
                <version>2.0.0.Final</version>
                <type>pom</type>
            </dependency>
            <dependency>
                <groupId>org.jboss.arquillian</groupId>
                <artifactId>arquillian-bom</artifactId>
                <version>1.1.8.Final</version>
                <scope>import</scope>
                <type>pom</type>
            </dependency>
        </dependencies>
    </dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.json</groupId>
            <artifactId>json</artifactId>
            <version>20180130</version>
        </dependency>
        <!-- https://mvnrepository.com/artifact/org.mongodb/mongo-java-driver -->
        <dependency>
            <groupId>org.mongodb</groupId>
            <artifactId>mongo-java-driver</artifactId>
            <version>3.12.0</version>
        </dependency>
        <dependency>
            <groupId>com.sendgrid</groupId>
            <artifactId>sendgrid-java</artifactId>
            <version>4.4.1</version>
        </dependency>

        <dependency>
            <groupId>com.sendgrid</groupId>
            <artifactId>java-http-client</artifactId>
            <version>4.1.0</version>
        </dependency>

        <dependency>
            <groupId>commons-beanutils</groupId>
            <artifactId>commons-beanutils</artifactId>
        </dependency>
        <dependency>
            <groupId>org.bouncycastle</groupId>
            <artifactId>bcprov-jdk15on</artifactId>
        </dependency>

    </dependencies>
    <build>
        <!-- Maven will append the version to the finalName (which is the name 
            given to the generated war, and hence the context root) -->
        <!-- <finalName>${project.artifactId}</finalName> -->
        <finalName>eva</finalName>
        <plugins>
            <plugin>
                <artifactId>maven-war-plugin</artifactId>
                <version>3.2.2</version>
                <configuration>
                    <!-- Java EE 6 doesn't require web.xml, Maven needs to catch up! -->
                    <failOnMissingWebXml>false</failOnMissingWebXml>
                </configuration>
            </plugin>
        </plugins>
    </build>
</project>
1
Jerry 14 janv. 2020 à 10:00