Issue #574, #575: Upgrade to Weaver 2.3.0-SNAPSHOT, Java 25, Spring Boot 3.5.6

Dockerfile

@@ -5,8 +5,16 @@ ARG SOURCE_DIR=/$USER_NAME/source
 ARG NPM_REGISTRY=upstream
 ARG NODE_ENV=development
 
-# Maven stage.
-FROM maven:3-openjdk-11-slim as maven
+# ----------------------------------------------------------------------
+# Stage 1: Build a dedicated Node.js image to copy binaries from.
+# ----------------------------------------------------------------------
+FROM node:20.12.2-alpine AS node
+
+# ----------------------------------------------------------------------
+# Stage 2: Build SAGE artifact with Maven. Specific versions of Node.js,
+# Python, and build tools are required for node-sass.
+# ----------------------------------------------------------------------
+FROM maven:3-eclipse-temurin-25-alpine AS maven
 ARG USER_ID
 ARG USER_NAME
 ARG SOURCE_DIR
@@ -16,18 +24,26 @@ ARG NODE_ENV
 ENV NODE_ENV=$NODE_ENV
 
 # Create the user and group (use a high ID to attempt to avoid conflicts).
-RUN groupadd --non-unique -g $USER_ID $USER_NAME && \
-    useradd --non-unique -d /$USER_NAME -m -u $USER_ID -g $USER_ID $USER_NAME
-
-# Install stable Nodejs and npm.
-RUN apt-get update --fix-missing && \
-    apt-get upgrade -y --fix-missing && \
-    apt-get install -y nodejs npm iproute2 --fix-missing && \
-    apt-get clean && \
-    rm -rf /var/lib/apt/lists/* && \
-    npm cache clean -f && \
-    npm install -g n && \
-    n stable
+RUN addgroup -g $USER_ID $USER_NAME && \
+    adduser -D -h /$USER_NAME -u $USER_ID -G $USER_NAME $USER_NAME
+
+# Install Nodejs, npm, python, and other build tools.
+RUN apk update && \
+    apk upgrade && \
+    apk add --no-cache \
+      build-base \
+      make \
+      python3 py3-setuptools \
+      g++ libstdc++ && \
+    apk add --no-cache
+
+COPY --from=node /usr/local/bin/ /usr/local/bin/
+COPY --from=node /usr/local/lib/ /usr/local/lib/
+COPY --from=node /usr/local/share/ /usr/local/share/
+COPY --from=node /usr/local/include/ /usr/local/include/
+
+RUN rm -rf /var/cache/apk/* && \
+    node -v && npm -v
 
 # Ensure source directory exists and has appropriate file permissions.
 RUN mkdir -p $SOURCE_DIR && \
@@ -45,7 +61,6 @@ COPY ./build ./build
 COPY ./build/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 COPY ./package.json ./package.json
 
-
 USER root
 COPY ./build/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 
@@ -64,20 +79,23 @@ RUN echo $NPM_REGISTRY && \
 # Copy in your index.html file and modify it before the mvn package command
 COPY ./src/main/resources/templates/index.html $SOURCE_DIR/src/main/resources/templates/index.html
 
+RUN mvn dependency:resolve
+
 # Build.
 RUN mvn package -Pjar -DskipTests
 
-# Switch to Normal JRE Stage.
-FROM openjdk:11-jre-slim
+# ----------------------------------------------------------------------
+# Stage 3: Normal JRE Stage to run SAGE artifact with Java.
+# ----------------------------------------------------------------------
+FROM eclipse-temurin:25-jre-alpine
 ARG USER_ID
 ARG USER_NAME
 ARG SOURCE_DIR
 
-RUN apt-get update && \
-    apt-get upgrade -y && \
-    apt-get -y install gettext-base && \
-    apt-get clean && \
-    rm -rf /var/lib/apt/lists/*
+RUN apk update && \
+    apk upgrade && \
+    apk add --no-cache gettext bash && \
+    rm -rf /var/cache/apk/*
 
 # Copy files from outside docker to inside.
 COPY build/appConfig.js.template /usr/local/app/templates/appConfig.js.template
@@ -88,8 +106,8 @@ RUN chmod ugo+r /usr/local/app/templates/appConfig.js.template && \
     chmod ugo+rx /usr/local/bin/docker-entrypoint.sh
 
 # Create the user and group (use a high ID to attempt to avoid conflicts).
-RUN groupadd --non-unique -g $USER_ID $USER_NAME && \
-    useradd --non-unique -d /$USER_NAME -m -u $USER_ID -g $USER_ID $USER_NAME
+RUN addgroup -g $USER_ID $USER_NAME && \
+    adduser -D -h /$USER_NAME -u $USER_ID -G $USER_NAME $USER_NAME
 
 # Set deployment directory.
 WORKDIR /$USER_NAME

docker-compose.yml

@@ -1,5 +1,3 @@
-version: '3.7'
-
 networks:
   default:
     name: weaver

pom.xml

@@ -4,25 +4,24 @@
 
   <groupId>edu.tamu</groupId>
   <artifactId>sage</artifactId>
-  <version>1.3.5</version>
+  <version>1.4.0-SNAPSHOT</version>
 
   <name>Sage</name>
   <description>Weaver Solr Aggregation Engine</description>
 
   <parent>
     <groupId>edu.tamu.weaver</groupId>
     <artifactId>webservice-parent</artifactId>
-    <version>2.1.1</version>
+    <version>2.3.0-SNAPSHOT</version>
   </parent>
 
   <properties>
-    <is-production>false</is-production>
-    <java.version>11</java.version>
+    <java.version>25</java.version>
     <maven.compiler.source>${java.version}</maven.compiler.source>
     <maven.compiler.target>${java.version}</maven.compiler.target>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-    <maven-plugins.version>2.22.2</maven-plugins.version>
+    <maven-plugins.version>3.5.4</maven-plugins.version>
     <start-class>edu.tamu.sage.SageApplication</start-class>
     <maven.packaging>war</maven.packaging>
   </properties>
@@ -60,6 +59,37 @@
       <version>${project.parent.version}</version>
     </dependency>
 
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter</artifactId>
+      <exclusions>
+        <exclusion>
+          <groupId>org.springframework.boot</groupId>
+          <artifactId>spring-boot-starter-logging</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-web</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-validation</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-actuator</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-log4j2</artifactId>
+    </dependency>
+
     <dependency>
       <groupId>commons-codec</groupId>
       <artifactId>commons-codec</artifactId>
@@ -73,6 +103,7 @@
     <dependency>
       <groupId>org.apache.solr</groupId>
       <artifactId>solr-core</artifactId>
+      <version>9.9.0</version>
     </dependency>
 
     <dependency>
@@ -119,22 +150,6 @@
       </exclusions>
     </dependency>
 
-    <dependency>
-      <groupId>org.springframework.boot</groupId>
-      <artifactId>spring-boot-starter</artifactId>
-      <exclusions>
-        <exclusion>
-          <groupId>org.springframework.boot</groupId>
-          <artifactId>spring-boot-starter-logging</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-
-    <dependency>
-      <groupId>org.springframework.boot</groupId>
-      <artifactId>spring-boot-starter-log4j2</artifactId>
-    </dependency>
-
     <dependency>
       <groupId>org.apache.tika</groupId>
       <artifactId>tika-core</artifactId>
@@ -154,27 +169,14 @@
 
     <dependency>
       <groupId>org.thymeleaf</groupId>
-      <artifactId>thymeleaf-spring5</artifactId>
+      <artifactId>thymeleaf-spring6</artifactId>
+      <version>3.1.3.RELEASE</version>
     </dependency>
 
     <dependency>
       <groupId>org.thymeleaf.extras</groupId>
-      <artifactId>thymeleaf-extras-springsecurity5</artifactId>
-    </dependency>
-
-    <dependency>
-      <groupId>org.springframework.boot</groupId>
-      <artifactId>spring-boot-starter-actuator</artifactId>
-    </dependency>
-
-    <dependency>
-      <groupId>org.springframework.boot</groupId>
-      <artifactId>spring-boot-starter-web</artifactId>
-    </dependency>
-
-    <dependency>
-      <groupId>org.springframework.boot</groupId>
-      <artifactId>spring-boot-starter-validation</artifactId>
+      <artifactId>thymeleaf-extras-springsecurity6</artifactId>
+      <version>3.1.3.RELEASE</version>
     </dependency>
 
     <dependency>
@@ -385,11 +387,7 @@
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-compiler-plugin</artifactId>
-        <version>3.10.1</version>
-        <configuration>
-          <source>${java.version}</source>
-          <target>${java.version}</target>
-        </configuration>
+        <version>3.13.0</version>
       </plugin>
 
       <plugin>

src/main/java/edu/tamu/sage/SageApplication.java

@@ -4,7 +4,7 @@
 import java.io.IOException;
 import java.net.URISyntaxException;
 
-import javax.annotation.PostConstruct;
+import jakarta.annotation.PostConstruct;
 
 import org.springframework.boot.system.ApplicationHome;
 import org.springframework.boot.SpringApplication;

src/main/java/edu/tamu/sage/auth/controller/AuthController.java

@@ -85,7 +85,7 @@ public ApiResponse registration(@RequestBody(required = false) Map<String, Strin
 
             try {
                 emailSender.sendEmail(email, finalEmail.getSubject(), finalEmail.getMessage());
-            } catch (javax.mail.MessagingException e) {
+            } catch (jakarta.mail.MessagingException e) {
                 logger.debug("Unable to send email! " + email);
                 return new ApiResponse(ERROR, "Unable to send email! " + email);
             }

src/main/java/edu/tamu/sage/config/AppWebMvcConfig.java

@@ -7,7 +7,6 @@
 import java.util.concurrent.TimeUnit;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.domain.EntityScan;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -34,9 +33,6 @@
 @EnableScheduling
 public class AppWebMvcConfig implements WebMvcConfigurer {
 
-    @Value("${app.config.path}")
-    private String appConfigPath;
-
     @Autowired
     private List<HttpMessageConverter<?>> converters;
 
@@ -67,7 +63,6 @@ private static ExecutorService configureExecutorService() {
 
     @Override
     public void addResourceHandlers(ResourceHandlerRegistry registry) {
-        registry.addResourceHandler("/appConfig.js").addResourceLocations(appConfigPath);
         registry.addResourceHandler("/**").addResourceLocations("classpath:/");
         registry.setOrder(Integer.MAX_VALUE - 2);
     }

src/main/java/edu/tamu/sage/config/AppWebSecurityConfig.java

@@ -2,10 +2,14 @@
 
 import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
 
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.web.SecurityFilterChain;
 
 import edu.tamu.sage.auth.service.AppUserDetailsService;
 import edu.tamu.sage.model.Role;
@@ -18,16 +22,22 @@
 @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
 public class AppWebSecurityConfig extends AuthWebSecurityConfig<User, UserRepo, AppUserDetailsService> {
 
+    @Autowired
+    private AuthenticationManager authenticationManager;
+
+    @Bean
     @Override
-    protected void configure(HttpSecurity http) throws Exception {
+    protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         // @formatter:off
         http
             .sessionManagement()
                 .sessionCreationPolicy(STATELESS)
             .and()
                 .authorizeRequests()
                     .expressionHandler(webExpressionHandler())
-                    .antMatchers("/**/*")
+                    .requestMatchers("/")
+                        .permitAll()
+                    .requestMatchers("/**")
                         .permitAll()
             .and()
                 .headers()
@@ -36,8 +46,10 @@ protected void configure(HttpSecurity http) throws Exception {
             .and()
                 .csrf()
                     .disable()
-            .addFilter(tokenAuthorizationFilter());
+            .addFilter(tokenAuthorizationFilter(authenticationManager));
         // @formatter:on
+
+        return http.build();
     }
 
     @Override